5 years, 3 months ago.

error:04091068:rsa routines:int_rsa_verify:bad signature

Hi everyone,

I am using openssl-1.0.2p in WEC7 client device and using openssl-1.1.1 in Ubuntu 18.10 server machine.Server is running hostapd.When client is trying to connect to server by EAPTLS method using TLSv1.2 ,while certificate verify server is giving the below error.

"SSL: SSL3 alert: write (local SSL3 detected an error):fatal:decrypt error" "OpenSSL: openssl_handshake - SSL_connect error:04091068:rsa routines:int_rsa_verify:bad signature"

When i traced int_rsa_verify API in server ,i found that decrypted data is not same as encoded data ,that is the reason for this error.

But the fact is with same certificates and same server and client setup ,client got connected to server with TLSv1.0 . When TLSv1_client_method() is replaced by TLSv1_2_client_method() ,i am facing this issue. Client side i am not getting any errors.

Can anyone help me in fixing or debugging this issue???Got struck in this ,any help will be greatly needed. Thanks in advance