|
July 07, 2014, 07:54:15 AM |
|
I want to enable SSL on windows.So I download a shining light openssl binary,and then I create server.pem and server.cert using the following commands:
openssl genrsa -out server.pem 2048 openssl req -new -x509 -nodes -sha1 -days 3650 -key server.pem > server.cert
and then I start bitcoin-qt with bat: bitcoin-qt.exe -testnet -datadir=G:\BitcoinData-Testnet -conf=bitcoin.conf -server -rpcuser=usr -rpcpassword=pwd -rpcport=18332 -rpcallowip=* -rpcssl -rpcsslcertificatechainfile=server.cert -rpcsslprivatekeyfile=server.pem -txindex -lang=en_US
then I try to test SSL by executing commands: openssl s_client -connect localhost:18332
the response is: E:\apps\Bitcoin>openssl s_client -connect localhost:18332 Loading 'screen' into random state - done CONNECTED(000001C4) 9032:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib
.c:177:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 319 bytes
New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE
Expansion: NONE
E:\apps\Bitcoin>openssl genrsa -out server.pem 2048 Loading 'screen' into random state - done Generating RSA private key, 2048 bit long modulus ....................+++ ...........................................+++ unable to write 'random state' e is 65537 (0x10001) can somebody help me ? is server.pem produced correctly?
|