enable bitcoin SSL error

Question

I want to enable SSL on windows.So I download a shining light openssl binary,and then I create server.pem and server.cert using the following commands:

openssl genrsa -out server.pem 2048
 openssl req -new -x509 -nodes -sha1 -days 3650 -key server.pem > server.cert

and then I start bitcoin-qt with bat:

bitcoin-qt.exe -testnet -datadir=G:\BitcoinData-Testnet -conf=bitcoin.conf -server -rpcuser=usr -rpcpassword=pwd -rpcport=18332 -rpcallowip=* -rpcssl -rpcsslcertificatechainfile=server.cert -rpcsslprivatekeyfile=server.pem -txindex -lang=en_US

then I try to test SSL by executing commands:

openssl s_client -connect localhost:18332

the response is:

E:\apps\Bitcoin>openssl s_client -connect localhost:18332
Loading 'screen' into random state - done
CONNECTED(000001C4)
9032:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib
.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 319 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

E:\apps\Bitcoin>openssl genrsa -out server.pem 2048
Loading 'screen' into random state - done
Generating RSA private key, 2048 bit long modulus
....................+++
...........................................+++
unable to write 'random state'
e is 65537 (0x10001)

can somebody help me ? is server.pem produced correctly?

score 1 · Accepted Answer · answered Jul 16 '14 at 07:20

1

found out the issue,I'm running bitcoin in testnet while I put server.pem and server.cert in the data dir not under the "testnet3".As I moved the two files,things be OK.

answered Jul 16 '14 at 07:20

DISSIDIA-嘎嘎

21
6

score 1 · Answer 2 · answered Jul 16 '14 at 13:24

1

For more information you can follow these instructions
https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon

answered Jul 16 '14 at 13:24

user3392193

21
3

enable bitcoin SSL error

2 Answers2