Gentoo Forums :: View topic - OpenSSL doesn't find certificate

OpenSSL doesn't find certificate

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Networking & Security

View previous topic :: View next topic

Author

Message

coviex
n00b
n00b

Joined: 27 Sep 2010
Posts: 33

Posted: Thu Jul 28, 2011 11:39 am Post subject: OpenSSL doesn't find certificate

Hi,

I'm having several problems with certificate.
Hoped to install it and use to access myhost in a browser.
Mac users installed it easily. Another guy with gentoo also installed successfully.
But nothing works for me.
Certificate placed in /etc/ssl/certs/myhost.crt. Renamed to myhost.pem.
c_rehash and update-ca-certificates create symlink ok, but certificate doesn't get listed in ca-certificates.crt.
Manually appending certificate to ca-certificates.crt seems not working as well.
Tryied to test it with these resuls:

Code:

# strace -e trace=file openssl s_client -connect myhost.com:443
execve("/usr/bin/openssl", ["openssl", "s_client", "-connect", "myhost.com:443"], [/* 31 vars */]) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/x86_64/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls/x86_64", 0x7fffd664e4a0) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls", 0x7fffd664e4a0) = -1 ENOENT (No such file or directory)
open("/usr/lib64/x86_64/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/x86_64", 0x7fffd664e4a0) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libssl.so.1.0.0", O_RDONLY) = 3
open("/usr/lib64/libcrypto.so.1.0.0", O_RDONLY) = 3
open("/usr/lib64/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libc.so.6", O_RDONLY) = 3
open("/lib64/libdl.so.2", O_RDONLY) = 3
open("/lib64/libz.so.1", O_RDONLY) = 3
open("/etc/ssl/openssl.cnf", O_RDONLY) = 3
open("/proc/meminfo", O_RDONLY) = 3
stat("/root/.rnd", 0x7fffd664e2f0) = -1 ENOENT (No such file or directory)
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
open("/etc/resolv.conf", O_RDONLY) = 3
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=174, ...}) = 0
open("/etc/resolv.conf", O_RDONLY) = 3
open("/etc/nsswitch.conf", O_RDONLY) = 3
open("/usr/lib64/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libnss_files.so.2", O_RDONLY) = 3
open("/etc/host.conf", O_RDONLY) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib64/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libnss_dns.so.2", O_RDONLY) = 3
open("/lib64/libresolv.so.2", O_RDONLY) = 3
CONNECTED(00000003)
...
Verify return code: 21 (unable to verify the first certificate)
---
read:errno=0

Code:

# strace -e trace=file openssl s_client -CAfile /etc/ssl/certs/myhost.pem -connect myhost.com:443
execve("/usr/bin/openssl", ["openssl", "s_client", "-CAfile", "/etc/ssl/certs/myhost.pem", "-connect", "myhost.com:443"], [/* 31 vars */]) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/x86_64/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls/x86_64", 0x7fffdcd2f710) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls", 0x7fffdcd2f710) = -1 ENOENT (No such file or directory)
open("/usr/lib64/x86_64/libssl.so.1.0.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/x86_64", 0x7fffdcd2f710) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libssl.so.1.0.0", O_RDONLY) = 3
open("/usr/lib64/libcrypto.so.1.0.0", O_RDONLY) = 3
open("/usr/lib64/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libc.so.6", O_RDONLY) = 3
open("/lib64/libdl.so.2", O_RDONLY) = 3
open("/lib64/libz.so.1", O_RDONLY) = 3
open("/etc/ssl/openssl.cnf", O_RDONLY) = 3
open("/proc/meminfo", O_RDONLY) = 3
stat("/root/.rnd", 0x7fffdcd2f560) = -1 ENOENT (No such file or directory)
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
open("/etc/ssl/certs/myhost.pem", O_RDONLY) = 3
open("/etc/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/resolv.conf", O_RDONLY) = 3
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=174, ...}) = 0
open("/etc/resolv.conf", O_RDONLY) = 3
open("/etc/nsswitch.conf", O_RDONLY) = 3
open("/usr/lib64/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libnss_files.so.2", O_RDONLY) = 3
open("/etc/host.conf", O_RDONLY) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib64/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/lib64/libnss_dns.so.2", O_RDONLY) = 3
open("/lib64/libresolv.so.2", O_RDONLY) = 3
CONNECTED(00000003)
...
Verify return code: 0 (ok)
---

Any ideas?

Thanks

Display posts from previous:

	Gentoo Forums Forum Index Networking & Security	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy