hp blade server

priyotoshtsp — Fri, 05 Apr 2019 06:15:33 GMT

During locfg.pl execution in ubuntu 16.04 how this perl script get the SSL key and certificate file.

Basically I want to execute

locfg.pl -f Insert_Virtual_Media.xml -u user -p pass -s IP_of_ILO

But the locfg.pl script gives failure during the creation of socket. I.e., due to the execution of below line.

$socket = IO::Socket::SSL->new(PeerAddr => $server) || die $ConnectionErrorMessage;

The exact error at the client is: "ERROR: SSL connection error."

How the client knows the SSL key and SSL certificate??

Kindly let me know.

Thanks in advance

Re: hp blade server

Guru_Verma — Wed, 10 Apr 2019 23:10:25 GMT

Greetings!
Hope below answers your question - "How the client knows the SSL key and SSL certificate??"

When the client is verifying a certificate, there are three possibilities:

The certificate is signed by a CA that the client already trusts (and for which it knows the public key). In this case the client treats the certificate as valid.
The certificate is signed by a CA about which the client has no knowledge at all. In this case the client treats the certificate as invalid (and the browser will likely display a warning message instead of loading the page).
The certificate is signed by a CA that the client doesn't know, but which has a certificate that is signed by a CA that the client does know. (In this case the server must usually send both its own certificate, and the certificate of the CA - called the "intermediate CA" - that signed its certificate). Since the intermediate CA's certificate is signed by a CA that the client already trusts, it knows can trust it, and since the server's certificate is signed by the intermediate CA, the client knows it can trust it too.