You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options
Hey,
this example we want to test Deffie Hellman on random server
exactly this : DH-RSA-AES128-GCM-SHA256
we use this command line and we see wireshark :
openssl s_client -cipher DH -connect yoursite.com:443 -msg -debug treadmills.
Bitg
amirmaim wrote:Thanks Bitgid, but I've seen this manual and the answer to my question is not there.
to clarify: assuming we have 3 certificates A->B->C (A signed B, B signed C), where A is self-signed certificate, is there a way to load B as the my trust anchor, and allow WOLFSSL to authenticate C only with B (that is, without self-signed certificate)?
this behavior will be equivalent to OPENSSL with "partial_chain" flag.
anyway, thanks!
Amir
Oh,ok.I will try search more infor for you!
amirmaim wrote:Hello,
OPENSSL provide the flag "partial_chain" that allow non self signed certificates to be used as CA, and verify certificates signed by one of those non self signed CA certificates. also, with "partial_chain" a non self signed CA can verify itself (which I'm not sure that is a private case of the partial chain verification rule).
is there a similar behavior supported by WOLFSSL? I'm looking for partial chain verification, self-verification, or both.
I know there is possibility to overwrite the verification result with verify_cb mechanism but I want to use WOLFSSL verification schemes. maybe I can call relevant WOLFSSL function from inside my verify_cb?
Thanks!
Amir
p.s.
without the flag, OPENSSL return "unable to get local issuer certificate". WOLFSSL return -188 (ASN_NO_SIGNER_E).
Hey,Amir.
Check out this manual.
https://www.wolfssl.com/docs/wolfssl-manual/ch7/
There are several good and useful answers.
And a special thank to Bitcohen.
Regards BG!
Posts found: 3
Generated in 0.020 seconds (96% PHP - 4% DB) with 5 queries