[stunnel-users] CApath hash calculation broken (ver 4.34)?

Michal Trojnara Michal.Trojnara at mirt.net
Wed Nov 17 17:54:16 CET 2010


Hi,

OpenSSL has changed c_rehash functionality in version 1.0.0. File names generated with OpenSSL 0.x.x are not compatible with OpenSSL 1.x.x.

Mike

"Konstantin Suvorov" <i.am at berlic.net> wrote:

>Hello,
>
>I’m trying to setup client-server SSL connection with “level 3”
>verification
>on server side.
>I use 4.34 precompiled binary package for win32.
>I put client certificates into CApath folder with hashed filenames (I
>use
>openssl x509 -hash to get them).
>And nothing works: I get “bad certificate”.
>After sniffing for filenames stunnel server is looking for I found out
>that
>they are not matching the hash values I got with openssl tool.
>I downloaded openssl binaries (ver. 0.9.8o) and put them into the
>stunnel
>folder.
>This fixed the bug with wrong filename request inside stunnel, but it
>started to crash after connection is initiated.
>I tried to install stunnel (fresh download of 4.34) on another computer
>>the same problem: requested hash-filename is not equal to actual one.
>
>Does anybody know how to fix this?
>
>Regards,
>Konstantin.
>_______________________________________________
>stunnel-users mailing list
>stunnel-users at mirt.net
>http://stunnel.mirt.net/mailman/listinfo/stunnel-users

-- 
Wysłane z Androida za pomocą K-9 Mail. Prosze wybaczyć lakoniczność.



More information about the stunnel-users mailing list