thank you
mohamed ould lemrabott wrote:
Using cli.cpp and serv.cpp as a starting point
I want both the client and server to pass certificates.I added:
SSL_CTX_set_default_verify_paths(ctx);
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER|SSL_VERIFY_CLIENT_ONCE,
verify_callback);to serv.cpp after the call to SSL_CTX_check_private_key(ctx)
Apparently this is causing the server to request the cert during the
handshaking, because now I get an error:
10664:error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned:../../openssl-0.9.4/ssl/s3_srvr.c:1626:In cli.cpp I added the two lines between SSL_new () and SSL_set_fd()
ssl =3D SSL_new (ctx)
SSL_use_certificate_file(ssl, "client.pem", SSL_FILETYPE_PEM)
SSL_use_PrivateKey_file(ssl, "client.pem", SSL_FILETYPE_PEM)
SSL_set_fd (ssl, sd);Does anybody know what I'm missing that is causing the client
not to send it's certificate?Thanks,
mohamed ould lemrabott______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
-- Albert SERRA =========================================== Integrated Systems Laboratory (DE/LSI-EPFL) email: [EMAIL PROTECTED]
begin: vcard fn: Albert Serra Pages n: Serra Pages;Albert adr: Residence Marcolet ;;Pre-Fontaine 12 Ch. 23;1023 Crissier; ;;Switzerland email;internet: [EMAIL PROTECTED] x-mozilla-cpt: ;0 x-mozilla-html: FALSE version: 2.1 end: vcard
