This is a discussion on Re: SSL_CTX_use_PrivateKey key value mismatch - Openssl ; On Thu, Nov 06, 2008, BiGNoRm6969 wrote: > > Hi, here is my problem: > > I first created a private RSA key with the argument -passout pass:123456 > After that I create the certificate with this the argument -passin: ...
On Thu, Nov 06, 2008, BiGNoRm6969 wrote:
> Hi, here is my problem:
> I first created a private RSA key with the argument -passout pass:123456
> After that I create the certificate with this the argument -passin: 123456
> In my code I do that:
> static char keyfile = "C:/MyKeyFile.pem";
> FILE* fp = fopen( keyfile, "r");
> pem_password_cb* pem_cb = (pem_password_cb*)123456;
> EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, pem_cb, NULL);
> SSL_CTX_use_certificatefile(SSL_context, MYDEFINEDCERTIFICATEFILE,
> SSL_CTX_use_PrivateKey(SSL_context, test_key);
> The last function always returns the error 185073780 from ERR_get_error()
> (certificate routines:X509_check_private_key:key values mismatch).
> I don't know how to fix my error. Previously I was using normal (not
> encrypted) private key and certificate (without -passout and -passin in the
> jey and certificate generation) and everything works well. Since I try to
> use encrypted private key nothing works.
> Can someone help me ?
I suspect test_key is NULL and I'm surprised that doesn't crash, because you
are setting a garbage numeric value for the callback.
To use a passphrase as a string you set pem_cb to 0 and include the string as
the last argument:
EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, 0, "123456");
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
OpenSSL Project http://www.openssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager email@example.com