Testing openssl with s_server and s_client

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Testing openssl with s_server and s_client

Nomad Esst
Hi
What are the steps to test openssl with s_client and s_server?
I have create a private key using the following command:
 openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem

But when I try to run the server with the following command:
 openssl s_server -accept 443 -cert seckey.pem

I get this error:
 unable to load certificate
 34381037128:error:0906D06C:PEM routines:PEM_read_bio:no  start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE

What should I do?

Thanks in advance


Reply | Threaded
Open this post in threaded view
|

Re: Testing openssl with s_server and s_client

Viktor Dukhovni
On Mon, Feb 17, 2014 at 01:44:53AM -0800, Nomad Esst wrote:

> What are the steps to test openssl with s_client and s_server?
> I have create a private key using the following command:
>
>   openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem

This generates a private key.

> But when I try to run the server with the following command:
>
> openssl s_server -accept 443 -cert seckey.pem
>

A private key is not a certificate.  You need to generate a self-signed
or CA signed certificate.  For the former:

        openssl req -new -key seckey.pem -out seccert.pem \
            -x509 -subj "/CN=$(uname -n)" -days 3650

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]