Re: OpenSSL command line error: unable to load client certificate private key file
Dr. Stephen Henson
> Hello,
>
> I am building an OpenSSL application to process credit cards. I am
> testing the server implementation with the OpenSSL command line tool
> like this;
>
> $ openssl s_client -connect secure.incab.se/verify/server/click:443
> -cert trusted.cer
>
> The error I receive is;
> unable to load client certificate private key file
> 9613:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
>
> I have been unable to find information pertaining to this error message
> on the OpenSSL site, and Google is somewhat unhelpful since I am running
> linux and a lot of the URLs Google serves up pertain to Microsoft
> products. I am guessing there is something wrong with the privat key
> file, but I also suspect there may be issues on the server as well.
>
> Does anyone have a tip?
>
If "trusted.cer" is a client certificate you need to include the private key.
If it is one or more trusted CAs in PEM format (only PEM will do) then you
should use the -CAfile option instead.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
deependra baniya
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
Torsha Banerjee <tor...@avaya.com> wrote: Is u r private key in a separa=
te .pem file if it is not, first ensure=20
that...
Jeremiah Foster wrote:
> Hello,
>=20
> I am building an OpenSSL application to process credit cards. I am
> testing the server implementation with the OpenSSL command line tool
> like this;
>=20
> $ openssl s_client -connect secure.incab.se/verify/server/click:443
> -cert trusted.cer
>=20
> The error I receive is;
> unable to load client certificate private key file
> 9613:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
>=20
> I have been unable to find information pertaining to this error message
> on the OpenSSL site, and Google is somewhat unhelpful since I am runnin=
g
> linux and a lot of the URLs Google serves up pertain to Microsoft
> products. I am guessing there is something wrong with the privat key
> file, but I also suspect there may be issues on the server as well.=20
>=20
> Does anyone have a tip?
>=20
> Thank very much in advance,
>=20
> Jeremiah
>=20
>=20
>=20
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openss...@openssl.org
> Automated List Manager majo...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around=20
http://mail.yahoo.com=20
--0-1040629931-1150008775=:36903
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
<BR><BR><B><I>Torsha Banerjee <tor...@avaya.com></I></B> wrote: <B=
LOCKQUOTE class=3Dreplbq style=3D"PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BO=
RDER-LEFT: #1010ff 2px solid">Is u r private key in a separate .pem file =
if it is not, first ensure <BR>that...<BR><BR>Jeremiah Foster wrote:<BR>&=
gt; Hello,<BR>> <BR>> I am building an OpenSSL application to proce=
ss credit cards. I am<BR>> testing the server implementation with the =
OpenSSL command line tool<BR>> like this;<BR>> <BR>> $ openssl s=
_client -connect secure.incab.se/verify/server/click:443<BR>> -cert tr=
usted.cer<BR>> <BR>> The error I receive is;<BR>> unable to load=
client certificate private key file<BR>> 9613:error:0906D06C:PEM rout=
ines:PEM_read_bio:no start<BR>> line:pem_lib.c:644:Expecting: ANY PRIV=
ATE KEY<BR>> <BR>> I have been unable to find information pertainin=
g to this error message<BR>> on the OpenSSL site, and Google is somewh=
at unhelpful since I am running<BR>>
linux and a lot of the URLs Google serves up pertain to Microsoft<BR>>=
; products. I am guessing there is something wrong with the privat key<BR=
>> file, but I also suspect there may be issues on the server as well.=
<BR>> <BR>> Does anyone have a tip?<BR>> <BR>> Thank very mu=
ch in advance,<BR>> <BR>> Jeremiah<BR>> <BR>> <BR>> <BR>&g=
t; ______________________________________________________________________=
<BR>> OpenSSL Project http://www.openssl.org<BR>> User Support Mail=
ing List openss...@openssl.org<BR>> Automated List Manager majordo=
m...@openssl.org<BR>_______________________________________________________=
_______________<BR>OpenSSL Project http://www.openssl.org<BR>User Support=
Mailing List openss...@openssl.org<BR>Automated List Manager majordo=
m...@openssl.org<BR></BLOCKQUOTE><BR><p> ______________________________=
____________________<br>Do You Yahoo!?<br>Tired of spam? Yahoo! Mail has=
the best spam protection around
<br>http://mail.yahoo.com=20
--0-1040629931-1150008775=:36903--