Topic: wolfssl-tutorial-2.0 does not work, communication problem?

Hi,

I have worked through the tutorial from chapter 11 in the manual and provided in a seperate document ssl-tutorial-2.0.

Both the echoclient and echoserver build and start without any problems.

I run into a problem when I try to send a message from the client to the server.
The following are the steps I use to run the programs and the output I get:
1. Start the server first.
2. Start the client with sudo ./echoclient 127.0.0.1 after which I get an output from the server Connection from 127.0.0.1, port 50890
3. Type hello at the client and press enter.
4. I wrote some code in the server to output the error message.  In the server, I get "wolfSSL_read error = -208, Error string: error state on socket"
In the client I get wolfSSL_write failed: Success.

So the problem seems to start in the str_cli() function of the tcpcli01.c file. So examing this and adding some code, to get the error code and error string from the wolfSSL_write I run the steps from above again, this time I get the error code and string in from the wolfSSL_write in the client:

"error = -151, ASN date error, current date after."

So I suspect there is a problem with the certificates.  I am not really sure if it is with the server or client certificates so I check both and they have an ending date of March 26, 2013.

So I try to build my own keys and certificates from the instructions found in wolfSSL-2.8.0/certs/taoCert.txt.  I replace the newly built certs with the old certs and ran the steps again.  This time I get the error

"error = -188, ASN no signer error to confrim failure"

So I think that I must not have built the certificates correctly, but I believer I have followed the instructions as closely as possible.

I any one can give me suggestions or guidance on what I need to do to successfully exchange messages between the client and server I would greatly appreciate it.

Thanks,

Doug

Share

2 (edited by Zeddi 2014-02-10 08:00:25)

Re: wolfssl-tutorial-2.0 does not work, communication problem?

Hi Douglas,

regarding the outdated certificates:
AFAIK, the ones outdated were recently updated in git [1]. You could try to download them from there and try again with those - this should eliminate the possibility of your self-created certificates not being correct in some way.

WolfSSL also released wolfSSL embedded SSL 2.9.0 last Friday (the downloads on the website are not updated yet I saw, but they tagged this version already in git [2]). You could try downloading this version and trying it.

[1] https://github.com/cyassl/cyassl/tree/master/certs
[2] https://github.com/cyassl/cyassl/tree/v2.9.0

Best regards,
Daniel

Share

Re: wolfssl-tutorial-2.0 does not work, communication problem?

Thank you for the response.  Copying the new certs and key made everything work.

Doug

Share

Re: wolfssl-tutorial-2.0 does not work, communication problem?

Hi Doug,

Thanks for your comments about the SSL tutorial and for bringing the expired certificates to our attention.  I'll put it on our list to take another pass through the tutorial and give it a refresh/update and add in any extra enhancements which may make it easier to use.

If you have any additional feedback on the tutorial, specifically areas you would like to see improved upon, please let me know.  Ideally, we'd like to make it as easy for users to work through as possible.

Best Regards,
Chris

Re: wolfssl-tutorial-2.0 does not work, communication problem?

Hi Chris,

I think the tutorial was quite good.  It gave me a good springboard to start from.  The only problem I had is being fairly new to Linux; which of course has nothing to do with the tutorial.  Certain things in Windows happens automatically (like registering a library).  Not so much in Linux and I am learning some of this the hard way.

My next task is to change the code in the tutorial from using TCP with TSL to using UPD with DTSL.  Should be fun.

Thanks,

Doug

Share