On Sat, Nov 15, 2003 at 06:40:26PM -0500, David wrote:
> What kind of voodoo is required to get a client to send a cert?
> 
> Both client and server are calling SSL_CTX_use_certificate_file() and
> SSL_CTX_use_PrivateKey_file(), and the server is calling
> SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL).
> 
> Despite this, SSL_get_peer_certificate (*ssl) returns a cert on the
> client but the server dies, spitting out:
> 7532:error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
> certificate returned:s3_srvr.c:1988:
> 
> It looks like both certs are actually being passed, based on a network
> trace.
> 
> What am I missing?

Maybe the server needs to send the list of acceptable SSL client CA certificates:
SSL_CTX_set_client_CA_list()

> I'm using RH9's stock libraries (0.9.7a), and working with the demo/ssl
> code in the openssl source package from openssl.org.

-- 
Naina library: http://www.unity.net/~vf/naina_r1.tgz
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]