1 Topic by vijaykumar.ppsg

(1 replies, posted in wolfSSL)

Hello Team,

chain certificate present in .pem file not listing all the certificates from function wolfSSL_CTX_load_verify_locations
i see below logs
2018-10-04 09:40:20    ENTER    wolfSSL Entering wolfSSL_CTX_load_verify_locations
2018-10-04 09:40:20    INFO    Getting dynamic buffer
2018-10-04 09:40:20    INFO    Processing CA PEM file
2018-10-04 09:40:20    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:20    INFO    Adding a CA
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:20    INFO    Got Cert Header
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Algo ID
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Got Subject Name
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Key
2018-10-04 09:40:20    INFO    Parsed Past Key
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO        Parsed new CA
2018-10-04 09:40:20    INFO        Freeing Parsed CA
2018-10-04 09:40:20    INFO        Freeing der CA
2018-10-04 09:40:20    INFO            OK Freeing der CA
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:20    INFO       Processed a CA
2018-10-04 09:40:20    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:20    INFO    Adding a CA
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:20    INFO    Got Cert Header
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Algo ID
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Got Subject Name
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Key
2018-10-04 09:40:20    INFO    Parsed Past Key
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeExtKeyUsage
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAuthInfo
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeCrlDist
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Certificate Policy extension not supported yet.
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO        Parsed new CA
2018-10-04 09:40:20    INFO        Freeing Parsed CA
2018-10-04 09:40:20    INFO        Freeing der CA
2018-10-04 09:40:20    INFO            OK Freeing der CA
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:20    INFO       Processed a CA
2018-10-04 09:40:20    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:20    INFO    Adding a CA
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:20    INFO    Got Cert Header
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Algo ID
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Getting Cert Name
2018-10-04 09:40:20    INFO    Got Subject Name
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Got Key
2018-10-04 09:40:20    INFO    Parsed Past Key
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAltNames
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeExtKeyUsage
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeCrlDist
2018-10-04 09:40:20    INFO        There are more CRL Distribution Point records, but we only use the first one.
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO    Certificate Policy extension not supported yet.
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeAuthInfo
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:20    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:20    INFO        Parsed new CA
2018-10-04 09:40:20    INFO        Freeing Parsed CA
2018-10-04 09:40:20    INFO        Freeing der CA
2018-10-04 09:40:20    INFO            OK Freeing der CA
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:20    INFO       Processed a CA
2018-10-04 09:40:20    INFO    Processed at least one valid CA. Other stuff OK
2018-10-04 09:40:20    ENTER    wolfSSL Entering SSL_new
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving SSL_new, return 0
2018-10-04 09:40:20    ENTER    wolfSSL Entering SSL_set_fd
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving SSL_set_fd, return 1
2018-10-04 09:40:20    ENTER    wolfSSL Entering wolfSSL_SetTmpDH
2018-10-04 09:40:20    LEAVE    wolfSSL Leaving wolfSSL_SetTmpDH, return 0
2018-10-04 09:40:20    ENTER    wolfSSL Entering SSL_accept()
2018-10-04 09:40:21    INFO    growing input buffer

2018-10-04 09:40:21    INFO    received record layer msg
2018-10-04 09:40:21    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:21    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:21    INFO    processing client hello
2018-10-04 09:40:21    ENTER    wolfSSL Entering MatchSuite
2018-10-04 09:40:21    ENTER    wolfSSL Entering VerifyServerSuite
2018-10-04 09:40:21    INFO    Requires RSA
2018-10-04 09:40:21    INFO    Verified suite validity
2018-10-04 09:40:21    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:21    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:21    INFO    accept state ACCEPT_CLIENT_HELLO_DONE
2018-10-04 09:40:21    INFO    accept state ACCEPT_FIRST_REPLY_DONE
2018-10-04 09:40:21    INFO    growing output buffer

2018-10-04 09:40:21    INFO    Shrinking output buffer

2018-10-04 09:40:21    INFO    accept state SERVER_HELLO_SENT
2018-10-04 09:40:21    INFO    growing output buffer

2018-10-04 09:40:21    INFO    Shrinking output buffer

2018-10-04 09:40:21    INFO    accept state CERT_SENT
2018-10-04 09:40:21    ENTER    wolfSSL Entering SendCertificateStatus
2018-10-04 09:40:21    INFO    accept state CERT_STATUS_SENT
2018-10-04 09:40:21    INFO    Using ephemeral ECDH
2018-10-04 09:40:21    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:21    INFO    growing output buffer

2018-10-04 09:40:21    ENTER    wolfSSL Entering VerifyRsaSign
2018-10-04 09:40:21    INFO    Shrinking output buffer

2018-10-04 09:40:21    INFO    accept state KEY_EXCHANGE_SENT
2018-10-04 09:40:21    INFO    accept state CERT_REQ_SENT
2018-10-04 09:40:21    INFO    growing output buffer

2018-10-04 09:40:21    INFO    Shrinking output buffer

2018-10-04 09:40:21    INFO    accept state SERVER_HELLO_DONE


============================================================================

Now, i see a security warning message from my java client and if i click continue/proceed with this warning then remaining log is as below


2018-10-04 09:40:39    INFO    received record layer msg
2018-10-04 09:40:39    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:39    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:39    INFO    processing client key exchange
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:39    INFO    received record layer msg
2018-10-04 09:40:39    INFO    got CHANGE CIPHER SPEC
2018-10-04 09:40:39    INFO    received record layer msg
2018-10-04 09:40:39    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:39    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:39    INFO    processing finished
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:39    INFO    accept state  ACCEPT_SECOND_REPLY_DONE
2018-10-04 09:40:39    INFO    accept state  TICKET_SENT
2018-10-04 09:40:39    INFO    growing output buffer

2018-10-04 09:40:39    INFO    Shrinking output buffer

2018-10-04 09:40:39    INFO    accept state  CHANGE_CIPHER_SENT
2018-10-04 09:40:39    INFO    growing output buffer

2018-10-04 09:40:39    INFO    Shrinking output buffer

2018-10-04 09:40:39    INFO    accept state ACCEPT_FINISHED_DONE
2018-10-04 09:40:39    INFO    accept state ACCEPT_THIRD_REPLY_DONE
2018-10-04 09:40:39    INFO    Shrinking input buffer

2018-10-04 09:40:39    LEAVE    wolfSSL Leaving SSL_accept(), return 1
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_get_cipher
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_current_cipher
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_CIPHER_get_name
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_peek()
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read_internal()
2018-10-04 09:40:39    ENTER    wolfSSL Entering ReceiveData()
2018-10-04 09:40:39    INFO    Embed Receive error
2018-10-04 09:40:39    INFO        Would block
2018-10-04 09:40:39    ERROR    wolfSSL error occurred, error = -323
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving wolfSSL_read_internal(), return -323
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving SSL_get_error, return -323
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_peek()
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read_internal()
2018-10-04 09:40:39    ENTER    wolfSSL Entering ReceiveData()
2018-10-04 09:40:39    INFO    growing input buffer

2018-10-04 09:40:39    INFO    received record layer msg
2018-10-04 09:40:39    INFO    got app DATA
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving ReceiveData(), return 57
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving wolfSSL_read_internal(), return 57
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_pending
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read()
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read_internal()
2018-10-04 09:40:39    ENTER    wolfSSL Entering ReceiveData()
2018-10-04 09:40:39    INFO    Shrinking input buffer

2018-10-04 09:40:39    LEAVE    wolfSSL Leaving ReceiveData(), return 57
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving wolfSSL_read_internal(), return 57
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_write()
2018-10-04 09:40:39    INFO    growing output buffer

2018-10-04 09:40:39    INFO    Shrinking output buffer

2018-10-04 09:40:39    INFO    growing output buffer

2018-10-04 09:40:39    INFO    Shrinking output buffer

2018-10-04 09:40:39    LEAVE    wolfSSL Leaving SSL_write(), return 25163
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_write()
2018-10-04 09:40:39    INFO    growing output buffer

2018-10-04 09:40:39    INFO    Shrinking output buffer

2018-10-04 09:40:39    LEAVE    wolfSSL Leaving SSL_write(), return 10192
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read()
2018-10-04 09:40:39    ENTER    wolfSSL Entering wolfSSL_read_internal()
2018-10-04 09:40:39    ENTER    wolfSSL Entering ReceiveData()
2018-10-04 09:40:39    INFO    growing input buffer

2018-10-04 09:40:39    INFO    received record layer msg
2018-10-04 09:40:39    INFO    got ALERT!
2018-10-04 09:40:39    INFO    Got alert
2018-10-04 09:40:39    INFO        close notify
2018-10-04 09:40:39    ERROR    wolfSSL error occurred, error = 0
2018-10-04 09:40:39    ERROR    wolfSSL error occurred, error = -343
2018-10-04 09:40:39    INFO    Zero return, no more data coming
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving wolfSSL_read_internal(), return 0
2018-10-04 09:40:39    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:39    LEAVE    wolfSSL Leaving SSL_get_error, return -343
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_write()
2018-10-04 09:40:40    INFO    growing output buffer

2018-10-04 09:40:40    INFO    Shrinking output buffer

2018-10-04 09:40:40    INFO    growing output buffer

2018-10-04 09:40:40    INFO    Shrinking output buffer

2018-10-04 09:40:40    LEAVE    wolfSSL Leaving SSL_write(), return 17096
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_write()
2018-10-04 09:40:40    INFO    growing output buffer

2018-10-04 09:40:40    INFO    Shrinking output buffer

2018-10-04 09:40:40    LEAVE    wolfSSL Leaving SSL_write(), return 11786
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_write()
2018-10-04 09:40:40    INFO    growing output buffer

2018-10-04 09:40:40    INFO    Shrinking output buffer

2018-10-04 09:40:40    LEAVE    wolfSSL Leaving SSL_write(), return 3060
2018-10-04 09:40:40    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:42    ENTER    wolfSSL Entering SSL_library_init
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_Init
2018-10-04 09:40:42    ENTER    wolfSSL Entering WOLFSSL_CTX_new_ex
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_CertManagerNew
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving WOLFSSL_CTX_new, return 0
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_CTX_set_cipher_list
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_CTX_use_certificate_file
2018-10-04 09:40:42    INFO    Getting dynamic buffer
2018-10-04 09:40:42    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:42    INFO    Checking cert signature type
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    INFO    Got Cert Header
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Algo ID
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Got Subject Name
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Key
2018-10-04 09:40:42    INFO    Not ECDSA cert signature
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_CTX_use_PrivateKey_file
2018-10-04 09:40:42    INFO    Getting dynamic buffer
2018-10-04 09:40:42    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering SSL_CTX_check_private_key
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_CTX_load_verify_locations
2018-10-04 09:40:42    INFO    Getting dynamic buffer
2018-10-04 09:40:42    INFO    Processing CA PEM file
2018-10-04 09:40:42    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:42    INFO    Adding a CA
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    INFO    Got Cert Header
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Algo ID
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Got Subject Name
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Key
2018-10-04 09:40:42    INFO    Parsed Past Key
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO        Parsed new CA
2018-10-04 09:40:42    INFO        Freeing Parsed CA
2018-10-04 09:40:42    INFO        Freeing der CA
2018-10-04 09:40:42    INFO            OK Freeing der CA
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:42    INFO       Processed a CA
2018-10-04 09:40:42    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:42    INFO    Adding a CA
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    INFO    Got Cert Header
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Algo ID
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Got Subject Name
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Key
2018-10-04 09:40:42    INFO    Parsed Past Key
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeExtKeyUsage
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAuthInfo
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeCrlDist
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Certificate Policy extension not supported yet.
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO        Parsed new CA
2018-10-04 09:40:42    INFO        Freeing Parsed CA
2018-10-04 09:40:42    INFO        Freeing der CA
2018-10-04 09:40:42    INFO            OK Freeing der CA
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:42    INFO       Processed a CA
2018-10-04 09:40:42    ENTER    wolfSSL Entering PemToDer
2018-10-04 09:40:42    INFO    Adding a CA
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetExplicitVersion
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:42    INFO    Got Cert Header
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Algo ID
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Getting Cert Name
2018-10-04 09:40:42    INFO    Got Subject Name
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Got Key
2018-10-04 09:40:42    INFO    Parsed Past Key
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeCertExtensions
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAuthKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeSubjKeyId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAltNames
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeKeyUsage
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeExtKeyUsage
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeCrlDist
2018-10-04 09:40:42    INFO        There are more CRL Distribution Point records, but we only use the first one.
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO    Certificate Policy extension not supported yet.
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeAuthInfo
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering DecodeBasicCaConstraint
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetAlgoId
2018-10-04 09:40:42    ENTER    wolfSSL Entering GetObjectId()
2018-10-04 09:40:42    INFO        Parsed new CA
2018-10-04 09:40:42    INFO        Freeing Parsed CA
2018-10-04 09:40:42    INFO        Freeing der CA
2018-10-04 09:40:42    INFO            OK Freeing der CA
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving AddCA, return 0
2018-10-04 09:40:42    INFO       Processed a CA
2018-10-04 09:40:42    INFO    Processed at least one valid CA. Other stuff OK
2018-10-04 09:40:42    ENTER    wolfSSL Entering SSL_new
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving SSL_new, return 0
2018-10-04 09:40:42    ENTER    wolfSSL Entering SSL_set_fd
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving SSL_set_fd, return 1
2018-10-04 09:40:42    ENTER    wolfSSL Entering wolfSSL_SetTmpDH
2018-10-04 09:40:42    LEAVE    wolfSSL Leaving wolfSSL_SetTmpDH, return 0
2018-10-04 09:40:42    ENTER    wolfSSL Entering SSL_accept()
2018-10-04 09:40:43    INFO    growing input buffer

2018-10-04 09:40:43    INFO    received record layer msg
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:43    INFO    processing client hello
2018-10-04 09:40:43    ENTER    wolfSSL Entering MatchSuite
2018-10-04 09:40:43    ENTER    wolfSSL Entering VerifyServerSuite
2018-10-04 09:40:43    INFO    Requires RSA
2018-10-04 09:40:43    INFO    Verified suite validity
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:43    INFO    accept state ACCEPT_CLIENT_HELLO_DONE
2018-10-04 09:40:43    INFO    accept state ACCEPT_FIRST_REPLY_DONE
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state SERVER_HELLO_SENT
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state CERT_SENT
2018-10-04 09:40:43    ENTER    wolfSSL Entering SendCertificateStatus
2018-10-04 09:40:43    INFO    accept state CERT_STATUS_SENT
2018-10-04 09:40:43    INFO    Using ephemeral ECDH
2018-10-04 09:40:43    ENTER    wolfSSL Entering GetMyVersion
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    ENTER    wolfSSL Entering VerifyRsaSign
2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state KEY_EXCHANGE_SENT
2018-10-04 09:40:43    INFO    accept state CERT_REQ_SENT
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state SERVER_HELLO_DONE
2018-10-04 09:40:43    INFO    received record layer msg
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:43    INFO    processing client key exchange
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:43    INFO    received record layer msg
2018-10-04 09:40:43    INFO    got CHANGE CIPHER SPEC
2018-10-04 09:40:43    INFO    received record layer msg
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsg()
2018-10-04 09:40:43    ENTER    wolfSSL Entering DoHandShakeMsgType
2018-10-04 09:40:43    INFO    processing finished
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsgType(), return 0
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving DoHandShakeMsg(), return 0
2018-10-04 09:40:43    INFO    accept state  ACCEPT_SECOND_REPLY_DONE
2018-10-04 09:40:43    INFO    accept state  TICKET_SENT
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state  CHANGE_CIPHER_SENT
2018-10-04 09:40:43    INFO    growing output buffer

2018-10-04 09:40:43    INFO    Shrinking output buffer

2018-10-04 09:40:43    INFO    accept state ACCEPT_FINISHED_DONE
2018-10-04 09:40:43    INFO    accept state ACCEPT_THIRD_REPLY_DONE
2018-10-04 09:40:43    INFO    Shrinking input buffer

2018-10-04 09:40:43    LEAVE    wolfSSL Leaving SSL_accept(), return 1
2018-10-04 09:40:43    ENTER    wolfSSL Entering wolfSSL_get_cipher
2018-10-04 09:40:43    ENTER    wolfSSL Entering SSL_get_current_cipher
2018-10-04 09:40:43    ENTER    wolfSSL Entering SSL_CIPHER_get_name
2018-10-04 09:40:43    ENTER    wolfSSL Entering wolfSSL_peek()
2018-10-04 09:40:43    ENTER    wolfSSL Entering wolfSSL_read_internal()
2018-10-04 09:40:43    ENTER    wolfSSL Entering ReceiveData()
2018-10-04 09:40:43    INFO    Embed Receive error
2018-10-04 09:40:43    INFO        Would block
2018-10-04 09:40:43    ERROR    wolfSSL error occurred, error = -323
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving wolfSSL_read_internal(), return -323
2018-10-04 09:40:43    ENTER    wolfSSL Entering SSL_get_error
2018-10-04 09:40:43    LEAVE    wolfSSL Leaving SSL_get_error, return -323


I have 3 certficates. 1 server cert,1 intermidiate cert,1 root CA. root CA is in top of file supplied as argument to wolfSSL_CTX_load_verify_locations.

Please let me know why only server certificate is listed. not intermidiate and rootCA is not included?

i see while processing last 2 certificates we have a message as below
        """""""""""""Certificate Policy extension not supported yet.""""""""""""




Thanks,
Vijay

Go to forum: wolfSSL