[racket] outgoing https requests with client certificate with plt 4.2.5

From: Neil Van Dyke (neil at neilvandyke.org)
Date: Mon Sep 13 04:39:06 EDT 2010

Some more info, in case someone else hits this problem and needs to 
debug before I can get back to it...

After dumbing-down the crypto in use for SSL so that Wireshark could 
decrypt... It appears that PLT (for whatever reason, possibly my data) 
is not sending the client certificate or doing verify of it.  *That is 
the problem.*  PLT then proceeds to send the HTTPS client request 
fragmented into "segments" of 2-15 bytes each, which is suspicious (but 
I imagine might be due to using a connection that hasn't been negotiated 
properly).  Instead of sending an HTTPS response, the server starts new 
handshaking, which seems reasonable, given that the client didn't 
authenticate.

Where I left off debugging: Perhaps there's a problem with my data or 
how I'm using the PLT openssl library, that results in the client cert 
not being sent.  Or perhaps the PLT openssl library is missing some 
nuance of what needs to be done for client certificates.

Hopefully I will be able to spend a little more time debugging this on 
Monday.

-- 
http://www.neilvandyke.org/



Posted on the users mailing list.
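
A check for the symptom described in the message above, added here as an example (not part of the original post and not PLT's code): given the plaintext handshake bytes each side sent, it reports whether the server requested a client certificate and whether the client answered with a non-empty Certificate and a CertificateVerify. The function names and sample records are constructed for illustration, and the message layout assumed is that of TLS 1.0-1.2.

```python
import struct

HANDSHAKE = 22  # TLS record content type
CERTIFICATE, CERT_REQUEST, CERT_VERIFY = 11, 13, 15  # handshake message types

def handshake_messages(stream: bytes):
    """Yield (msg_type, body) from a stream of plaintext TLS handshake records."""
    payload, pos = b"", 0
    while pos + 5 <= len(stream):  # record header: type, version, length
        ctype, _ver, length = struct.unpack_from("!BHH", stream, pos)
        if ctype == HANDSHAKE:
            payload += stream[pos + 5 : pos + 5 + length]
        pos += 5 + length
    pos = 0
    while pos + 4 <= len(payload):  # message header: type, 3-byte length
        mlen = int.from_bytes(payload[pos + 1 : pos + 4], "big")
        yield payload[pos], payload[pos + 4 : pos + 4 + mlen]
        pos += 4 + mlen

def client_auth_status(server_stream: bytes, client_stream: bytes) -> str:
    """Classify how the client responded to a CertificateRequest."""
    if not any(t == CERT_REQUEST for t, _ in handshake_messages(server_stream)):
        return "not-requested"
    msgs = dict(handshake_messages(client_stream))
    cert = msgs.get(CERTIFICATE)
    # The body starts with a 3-byte certificate_list length; 0 means an empty list.
    if cert is None or int.from_bytes(cert[:3], "big") == 0:
        return "no-client-certificate"
    if CERT_VERIFY not in msgs:
        return "certificate-without-verify"
    return "ok"

def record(*msgs):
    """Build one handshake record (TLS 1.0 version bytes) from (type, body) pairs."""
    body = b"".join(bytes([t]) + len(b).to_bytes(3, "big") + b for t, b in msgs)
    return struct.pack("!BHH", HANDSHAKE, 0x0301, len(body)) + body

# Constructed sample data, not a real capture.
SERVER = record((2, b"\x00" * 38), (CERT_REQUEST, b"\x01\x01\x00\x00"), (14, b""))
CLIENT_MISSING = record((1, b"\x00" * 40), (16, b"\x00" * 8))
CLIENT_EMPTY = record((CERTIFICATE, b"\x00\x00\x00"), (16, b"\x00" * 8))
FAKE_CERT_LIST = b"\x00\x00\x04" + b"\x00\x00\x01" + b"\xaa"
CLIENT_OK = record((CERTIFICATE, FAKE_CERT_LIST), (16, b"\x00" * 8),
                   (CERT_VERIFY, b"\x00" * 4))

if __name__ == "__main__":
    for name, c in [("missing", CLIENT_MISSING), ("empty", CLIENT_EMPTY), ("ok", CLIENT_OK)]:
        print(name, "->", client_auth_status(SERVER, c))
```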