Discussion:
Testing openssl with s_server and s_client
Nomad Esst
2014-02-17 09:44:53 UTC
Permalink
Hi
What are the steps to test openssl with s_client and s_server?
I have create a private key using the following command:
 openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem

But when I try to run the server with the following command:
 openssl s_server -accept 443 -cert seckey.pem

I get this error:
 unable to load certificate
 34381037128:error:0906D06C:PEM routines:PEM_read_bio:no  start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE

What should I do?

Thanks in advance
Viktor Dukhovni
2014-02-17 18:53:40 UTC
Permalink
Post by Nomad Esst
What are the steps to test openssl with s_client and s_server?
openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem
This generates a private key.
Post by Nomad Esst
openssl s_server -accept 443 -cert seckey.pem
A private key is not a certificate. You need to generate a self-signed
or CA signed certificate. For the former:

openssl req -new -key seckey.pem -out seccert.pem \
-x509 -subj "/CN=$(uname -n)" -days 3650
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Loading...