_____________________________________________________________
Carlos
Serr�o
[EMAIL PROTECTED]
http://adetti.iscte.pt/~cjcs
DCTI - IS/IT Department IS/IT
Research and Development
ADETTI/ISCTE - Av.Forcas
Armadas 1600-082 LISBOA Portugal
Tel.:
+351217903064/+351217903901
Fax: +351217935300
----- Original Message -----
Sent: Thursday, August 31, 2000 1:06
AM
Subject: Getting client certificate
!
Hi all,
I am developing a client-server application and I
would like the server to verify the client certificate too.
These are the steps that I have followed on the serber
side :
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, NULL);
SSL_CTX_use_certificate_file(ctx,
CERTF, SSL_FILETYPE_PEM)
SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM)
SSL_CTX_check_private_key(ctx)
SSL_CTX_load_verify_locations(ctx,
CAFILE, NULL);
SSL_CTX_set_default_verify_paths(ctx);
SSL_CTX_set_client_CA_list(ctx,
SSL_load_client_CA_file(CAFILE));
where CAFILE contains the client
certificate.
The problem is that when the client connects to the
server it suddenly break with the error :
....no certificate
returned...
So it seems that the client hasno certificate or it
has not loaded it.
But on the client side I have :
SSL_CTX_use_certificate_file(ctx, CERTF,
SSL_FILETYPE_PEM)
SSL_CTX_use_PrivateKey_file(ctx, KEYF,
SSL_FILETYPE_PEM)
SSL_CTX_check_private_key(ctx)
where CERTF contains the client certificate
!
It's two days that I am trying to understand what is wrong but I cannot
figure it out !!!
What I have to do in order to get the client certificate ?
Any suggestion will be VERY appreciated.
Thanks in advance,
Paolo
