Hello,

it seems that there are some incompatibilities out there. For some hosts
establishing a SSL connection fails, when using openssl, but it succeeds when
using a browser. This in one example:

F:\openssl>openssl.exe s_client -connect bshop.esprit.com:443
Loading 'screen' into random state - done
CONNECTED(00000778)
depth=1 /C=GB/O=Comodo Limited/OU=Comodo Trust Network/OU=Terms and Conditions of
use: http://www.comodo.net/repository/OU=(c)2002 Comodo Limited/CN=Comodo Class 3
Security Services CA
verify error:num=20:unable to get local issuer certificate
verify return:0
3056:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not
01:.\crypto\rsa\rsa_pk1.c:100:
3056:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPTadding check failed:.\c
rypto\rsa\rsa_eay.c:580:
3056:error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature:.\ssl\s3_cl
nt.c:1189:

I have seen the "RSA_padding_check_PKCS1_type_1" when verifying a CRL, too.

Can anybody explain it and give me a hint how I can connect with openssl to that
host? Maybe there is a compatibility switch?

Thanks
Jan
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org