openssl

Verify return code: 20 when testing OpenSSL

by

Your first error is – you need a certificate file. Or at least path to them, so that you can verify the OpenSSL.org certificate. Your second error – you don’t specify a file and -CAfile requires a single certificate (PEM or DER encoded). The easiest way to perform connection with OpenSSL.org: Download mozilla certificate bundle from here: http://curl.haxx.se/docs/caextract.html … Read more

SSL_read failing with SSL_ERROR_SYSCALL error

by

We have implemented tls using openssl. While downloading larger data from server getting SSL_ERROR_SYSCALL error after receiving the some data. For smaller files I am not getting this error, able to download without any error. ERR_get_error() is showing zero for larger files. We are using linux and c++ framework. How to find reason for the failure? What … Read more

How to generate a self-signed SSL certificate using OpenSSL?

by

You can do that in one command: You can also add -nodes (short for no DES) if you don’t want to protect your private key with a passphrase. Otherwise it will prompt you for “at least a 4 character” password. The days parameter (365) you can replace with any number to affect the expiration date. It will then prompt you … Read more

Openssl : error “self signed certificate in certificate chain”

by

You have a certificate which is self-signed, so it’s non-trusted by default, that’s why OpenSSL complains. This warning is actually a good thing, because this scenario might also rise due to a man-in-the-middle attack. To solve this, you’ll need to install it as a trusted server. If it’s signed by a non-trusted CA, you’ll have … Read more