[openssl] Client and Server that check that the public key is known

⚓ rust    📅 2025-07-06    👤 surdeus    👁️ 2      

surdeus

Hello,

I'm trying to write a Client and a Server program that communicate through SslStream.
I also want the Client to verify that it knows the Server certificate, and the same thing for the Server.

I create the Server like this:

        let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls())?;
        acceptor.set_verify(SslVerifyMode::FAIL_IF_NO_PEER_CERT);
        acceptor.set_ca_file(ca)?; 
        acceptor.set_private_key(&key)?;
        acceptor.set_certificate(&cert)?;
        acceptor.check_private_key()?;
        acceptor.build()

and the Client like that:

    let connector = {
        let mut builder = SslConnector::builder(SslMethod::tls()).unwrap();
        builder.set_verify(SslVerifyMode::PEER);
        builder.set_ca_file(ca)?;
        builder.set_certificate(&cert)?;
        builder.set_private_key(&key)?;
        builder.build()
    };

But I get an error when launching.

On the Server:

    the handshake failed: error:0A000412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../ssl/record/rec_layer_s3.c:1605:SSL alert number 42

And on the Client side:

    Failure(MidHandshakeSslStream { stream: SslStream { stream: TcpStream { addr: 127.0.0.1:40522, peer: 127.0.0.1:65013, fd: 3 }, ssl: Ssl { state: "error", verify_result: X509VerifyResult { code: 62, error: "hostname mismatch" } } }, error: Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 167772294, library: "SSL routines", function: "tls_post_process_server_certificate", reason: "certificate verify failed", file: "../ssl/statem/statem_clnt.c", line: 1889 }]))) } })

I can't find how to resolve this. Could someone help?
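
Added example, not part of the original post: the client-side `verify_result` code 62 ("hostname mismatch") can be reproduced offline with the `openssl` CLI, because the name the client expects (in rust-openssl, the domain passed to `SslConnector::connect`) must appear in the server certificate's subjectAltName. The CA, the subjects and the names `localhost` and `server.example` are constructed sample values, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed demo: throwaway CA and server certificate, all names are samples.
set -eu

# make_pki DIR SAN_NAME
# Builds a CA (the file both peers would load with set_ca_file) and a server
# certificate whose subjectAltName contains SAN_NAME.
make_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=demo-server" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
    # Hostname checks use the SAN, so it has to be set when the CSR is signed.
    printf 'subjectAltName=DNS:%s\n' "$2" > "$1/san.ext"
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -extfile "$1/san.ext" \
        -out "$1/server.pem" 2>/dev/null
}

# check_name DIR EXPECTED_NAME
# Runs the two checks a verifying client performs: chain up to the CA, and
# EXPECTED_NAME present in the certificate. Non-zero exit status on failure.
check_name() {
    openssl verify -CAfile "$1/ca.pem" -verify_hostname "$2" "$1/server.pem" 2>&1
}

workdir=$(mktemp -d)
make_pki "$workdir" localhost
# Name is in the SAN: chain and hostname both verify.
check_name "$workdir" localhost
# Same certificate, same CA, different expected name: verification fails with
# error 62, the code shown in the client output above.
check_name "$workdir" server.example || true
rm -rf "$workdir"
```

On the server side, OpenSSL only acts on `FAIL_IF_NO_PEER_CERT` when it is combined with `PEER`, so a server that must reject clients without a certificate sets both flags.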
