OpenSSL identify reason for "bad certificate"

ssl openssl pyopenssl
18,540

Unfortunately the problem descriptions are fairly limited. Errors are transmitted with TLS alerts. Each alert is only a number without any additional information and there are only few alerts defined, see http://en.wikipedia.org/wiki/Transport_Layer_Security#Alert_protocol. For example there is an alert for an expired certificate, but no alert for a certificate which is not yet valid which would be necessary in your case. So all the client could send back is that the certificate is bad.

Share:
18,540
Tim Tisdall
Author by

Tim Tisdall

Updated on June 09, 2022

Comments

  • Tim Tisdall
    Tim Tisdall almost 2 years

    I'm using pyOpenSSL which is a wrapper for OpenSSL. I had a client program trying to connect to my server and repeatedly was getting sslv3 alert bad certificate on the server. It wasn't until I realized it was due to the client's clock being improperly set that I was able to figure out the issue. I'm guessing that the client saw the server's certs as being dated in the "future" and somehow that resulted in a sslv3 alert bad certificate on the server.

    Is there any way to get better descriptions as to why a particular cert failed? I'm assuming is this case the verification failed on the client side due to the clock not being set right, but the error on the server side is the same as if a bad certificate was sent and the verification failed on the server side.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to upgrade OpenSSL from 1.0.2g to 1.1.0g in Ubuntu and let python recognize the new OpenSSL
How to install OpenSSL for Python
Cannot connect to wss with Flutter
Python SSLError, sslv3 alert handshake failure, for wallhaven.cc
python3 and requests: still getting 'sslv3 alert handshake failure'
LetsEncrypt SSL Error - SSL routines:ssl3_get_record:wrong version number
ssl SSLError outines:SSL_CTX_use_certificate_chain_file:PEM lib
Apache 2.4.37 with openssl 1.1.1: cannot perform post-handshake authentication
The identity of this website has not been verified for openssl
Laravel Guzzle : curl error 77 error setting certificate verify locations