Ah, this is just a sample code just to see if it's working. This is not the
full version of application code. :)
While making the sample code, I think I made a mistake to put exit code there.
You're right, it shouldn't.
But my problem is how to generate/verify the client certificate if there's any
difference from the server side certificate.
Even without setting the verify funcition, it still has the same problem.
Thanks.
Dr S N Henson wrote:
> Sejin Choi wrote:
> >
> > Hi, all.
> > Thanks for all the advices you all gave me on my previous question
> > regarding client certficate question.
> > I've attached simple client/server code I've been using to establish SSL
> > connection between TCP/IP client/server application program.
> > Client side verified server certificate without any problem, however the
> > server's error message indicates that the client doesn't have
> > certificate.
> > Coult you please take a moment to read my simple client/server code and
> > give me help to find what the problem is?
> > I've been struggling with this for a long time, but unfortunately I
> > don't even have a clue why this short,simple code is not working both
> > way.
> > I'd very,very much appreciate it if you could give me any hint to solve
> > the problem. :)
> > Thanks and have a great weekend!
> >
>
> Well there's something that immediately strikes me as suspicious:
>
> >
> > static int verify_callback(int ok, X509_STORE_CTX *ctx) {
> >
> > char *s,buf[256];
> >
> > s =
> > X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256);
> > if (s!=NULL) {
> > cout << "Depth = " << ctx->error_depth << " " << buf << endl;
> > }
> > else
> > cout << "X509_NAME_oneline returned NULL. " << endl;
> > exit(0);
> > }
> >
>
> Is this doing what I think its doing? Bombing out with exit(0)
> unconditionally?
>
> Steve.
> --
> Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
> Personal Email: [EMAIL PROTECTED]
> Senior crypto engineer, Gemplus: http://www.gemplus.com/
> Core developer of the OpenSSL project: http://www.openssl.org/
> Business Email: [EMAIL PROTECTED] PGP key: via homepage.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
