I have an application that calls "SSL_CTX_load_verify_locations" on a single 
file that contains multiple CA certificates.  It then calls 
"SSL_load_client_CA_file" on this file to extract the CA subject names.  
Finally, it calls "SSL_CTX_set_client_CA_list" to set the list of CA subject 
names that are sent to the client.  This all works fine.

However, I would like to add additional code, further on in the process that 
calls "SSL_CTX_load_verify_locations" again for other certificates to add those 
certificates to the CA certificates in the SSL context (not overwrite the 
current certificates).  In addition, I would like to call 
"SSL_CTX_add_client_CA" for each one of these new certificates to add them to 
the list of CA subject names returned to the client.

After adding this additional code, I am seeing the following error:

SSL error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned

Is what I am trying to do supported?  If so, is there something I'm doing 
wrong?  If not, is there another way to accomplish this (adding CA certificates 
from multiple files into a single SSL context)?

Thanks,
Kevin

Kevin Regan
Principal Software Engineer
F5 Networks
