By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
464,728 Members | 1,112 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 464,728 IT Pros & Developers. It's quick & easy.

M2Crypto - Unable to get local issuer certificate

P: 1
I am trying to set up a peer-authentication mechanism using X509 certs/SSL using M2Crypto.

I generate a root CA (issuer & subject = ca_hostC...) on the client (hostC)
I sign the client Cert locally with this CA (issuer: ca_hostC, subject: hostC) and generate a csr on hostS, copy it to hostC, sign it using the root CA, ca_hostc and move the ca_cert and the signed cert to the hostS.

I generate context:
Expand|Select|Wrap|Line Numbers
  1. import M2Crypto.SSL as SSL
  2. ctx = SSL.Context('tlsv1')
  3. ctx.load_cert('x.crt', 'private/x.key')
  4. ctx.load_verify_locations(cafile='ca.crt')
  5.  
I connect:
Expand|Select|Wrap|Line Numbers
  1. s = SSL.Connection(ctx)
  2. s.connect(server_address)
  3.  
but on the client I get
Expand|Select|Wrap|Line Numbers
  1. ERROR: 20
  2. unable to get local issuer certificate
  3.  
however when I print the subject and issuer of the cert received from the server, I see correct info. Also, the cert is verifiable from the openssl command line util.

Any thoughts??
Mar 12 '12 #1
Share this question for a faster answer!
Share on Google+

Post your reply

Sign in to post your reply or Sign up for a free account.