Ah, this is just a sample code just to see if it's working. This is not the full version of application code. :) While making the sample code, I think I made a mistake to put exit code there.
You're right, it shouldn't. But my problem is how to generate/verify the client certificate if there's any difference from the server side certificate. Even without setting the verify funcition, it still has the same problem. Thanks. Dr S N Henson wrote: > Sejin Choi wrote: > > > > Hi, all. > > Thanks for all the advices you all gave me on my previous question > > regarding client certficate question. > > I've attached simple client/server code I've been using to establish SSL > > connection between TCP/IP client/server application program. > > Client side verified server certificate without any problem, however the > > server's error message indicates that the client doesn't have > > certificate. > > Coult you please take a moment to read my simple client/server code and > > give me help to find what the problem is? > > I've been struggling with this for a long time, but unfortunately I > > don't even have a clue why this short,simple code is not working both > > way. > > I'd very,very much appreciate it if you could give me any hint to solve > > the problem. :) > > Thanks and have a great weekend! > > > > Well there's something that immediately strikes me as suspicious: > > > > > static int verify_callback(int ok, X509_STORE_CTX *ctx) { > > > > char *s,buf[256]; > > > > s = > > X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256); > > if (s!=NULL) { > > cout << "Depth = " << ctx->error_depth << " " << buf << endl; > > } > > else > > cout << "X509_NAME_oneline returned NULL. " << endl; > > exit(0); > > } > > > > Is this doing what I think its doing? Bombing out with exit(0) > unconditionally? > > Steve. > -- > Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ > Personal Email: [EMAIL PROTECTED] > Senior crypto engineer, Gemplus: http://www.gemplus.com/ > Core developer of the OpenSSL project: http://www.openssl.org/ > Business Email: [EMAIL PROTECTED] PGP key: via homepage. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]