Lloyd
Jun 1, 2012, 5:52:06 AM
to Boost Users
Hi,
We are using SSL for secure communication. In this, both parties verify each other (ctx.set_verify_mode(boost::asio::ssl::context::verify_peer|boost::asio::ssl::context::verify_fail_if_no_peer_cert);). Both communicating parties use self-signed certificates. Both client and server load each other's public key for peer verification; for that we use the call ctx.load_verify_file().
At the client side, when we call "load_verify_file()" only once with the other party's public key, it works perfectly. If we load one more public key of some other application, again using "load_verify_file()", the peer authentication fails. So what I understood is that "load_verify_file()" loads only the one latest certificate, but the documentation says it can be used for loading one or more CA files.
To solve this, I also merged the two certificates into one file and tried loading it. If the valid certificate is in the second position in the file the verification is performed successfully. Otherwise it fails!!
What could be the reason? Is there any method available for peer authentication?
Thanks,
Lloyd
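
Added example, not part of the post above and not Boost or OpenSSL project code: a way to check a merged trust file outside the application with the openssl command-line tool (Boost.Asio's SSL support is built on OpenSSL). The certificates, the names peer-a, peer-b and outsider, and the helper functions are all constructed for illustration; the script verifies each self-signed certificate against the bundle and lists subject names that occur more than once, since OpenSSL looks up trust anchors by subject name.

```shell
#!/usr/bin/env bash
# Added example: every name, path and certificate here is constructed.
set -u
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_peer FILE CN: throwaway self-signed certificate FILE.pem with subject CN.
make_peer() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" >/dev/null 2>&1
}

# verify_against BUNDLE CERT: succeeds only if CERT chains to an anchor in BUNDLE.
verify_against() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# duplicate_subjects BUNDLE: print each subject that appears more than once.
duplicate_subjects() {
  openssl crl2pkcs7 -nocrl -certfile "$1" 2>/dev/null \
    | openssl pkcs7 -print_certs -noout 2>/dev/null \
    | grep '^subject' | sort | uniq -d
}

make_peer peer-a peer-a
make_peer peer-b peer-b
make_peer outsider outsider
make_peer peer-a2 peer-a          # different key, same subject as peer-a

# Two trusted peers merged into one file, as described in the post.
cat "$WORK/peer-a.pem" "$WORK/peer-b.pem" > "$WORK/bundle.pem"
# A bundle whose two entries share one subject name.
cat "$WORK/peer-a.pem" "$WORK/peer-a2.pem" > "$WORK/dup.pem"

for c in peer-a peer-b outsider; do
  if verify_against "$WORK/bundle.pem" "$WORK/$c.pem"; then
    echo "$c: trusted by bundle"
  else
    echo "$c: rejected by bundle"
  fi
done

echo "subjects repeated in dup.pem:"
duplicate_subjects "$WORK/dup.pem"
```

Running the same two functions on the real merged file separates a problem in the trust file itself from a problem in how the application loads it.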