[RCF-OPENSSL] Error in client

RCF support and general discussion.
Post Reply
iiakhilesh
Posts: 4
Joined: Mon Jan 20, 2014 5:27 am

[RCF-OPENSSL] Error in client

Post by iiakhilesh »

Hi Jarl,

I am trying out openssl transport security.

Server side works fine ::
RCF::CertificatePtr serverCertPtr( new RCF::PemCertificate("C:\\serverCert.pem", "password") );
server.setCertificate(serverCertPtr);


Client side i have implemented callback function ::
bool opensslValidateCert(RCF::Certificate * pCert){ return true;}
client.getClientStub().setCertificateValidationCallback(&opensslValidateCert);

which gives me following error at client ::
Open-Caught RCF exception:Failed to load OpenSSL certificate file. File: rcf_srv.pem. OpenSSL error: 140195642599040:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:696:Expecting: TRUSTED CERTIFICATE
140195642599040:error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib:ssl_rsa.c:729:


Compiling on gcc, included OpenSslEncryptionFilter.hpp
Please suggest a solution.
Thanks

acDev
Posts: 27
Joined: Tue Oct 08, 2013 3:08 pm
Location: Moscow
Contact:

Re: [RCF-OPENSSL] Error in client

Post by acDev »

iiakhilesh wrote:Expecting: TRUSTED CERTIFICATE

Code: Select all

# 1. Create Root private key
openssl genrsa -out rcf_root.key 2048

# 2. Create self-signed Root certificate
openssl req -new -key rcf_root.key -x509 -out rcf_root.crt -days 5000 -sha256

# 3. Create CA private key
openssl genrsa -out rcf_ca.key 2048

# 4. Create CA CSR
openssl req -new -key rcf_ca.key -out rcf_ca.csr -days 5000

# 5. Sign and create CA certificate
openssl x509 -req -in rcf_ca.csr -CA rcf_root.crt -CAkey rcf_root.key -out rcf_ca.crt -set_serial 2 -days 5000 -sha256

# 6. Create Server private key
openssl genrsa -des3 -passout file:passphrase.txt -out rcf_srv_crypted.key 2048
openssl rsa -in rcf_srv_crypted.key -passin file:passphrase.txt -out rcf_srv.key

# 7. Create Server CSR
openssl req -new -key rcf_srv.key -out rcf_srv.csr -days 5000

# 8. Sign and create Server certificate
openssl x509 -req -in rcf_srv.csr -CA rcf_ca.crt -CAkey rcf_ca.key -out rcf_srv.crt -set_serial 3 -days 5000 -sha256

# 9. Generate Server PEM-file (TRUSTED CERTIFICATE)
(nix) cat rcf_srv.crt rcf_srv_crypted.key > rcf_srv.pem
(win) copy /b /Y rcf_srv.crt+rcf_srv_crypted.key rcf_srv.pem
rcf_srv.pem - TRUSTED CERTIFICATE for RCF-Server
passphrase.txt - contains pass phrase for Private RSA key (into rcf_srv.pem)
rcf_ca.crt - CA certificate

jarl
Posts: 238
Joined: Mon Oct 03, 2011 4:53 am
Contact:

Re: [RCF-OPENSSL] Error in client

Post by jarl »

Thanks acDev - I think that should take care of it.
Kind Regards

Jarl Lindrud
Delta V Software
http://www.deltavsoft.com

Post Reply