I hope this information helps. -Kyle HThank you for your response and information about the proxies. I now have a feeling that to write a verification callback function, I will need to retrieve the information stored in the certificate that the peer has sent to me.
If you want to make HTTPS connection, take a look a libcurl, at leastyou can get inspried by the code tat validates a server certficate. It is not
a callback, it does it after the handshake.
So now, the follow-up questions are: 1) If my server has not received any certificate so far, how can it request for it?
It depends on the CA, it depends on whether you have hardware keys etc.
2) Once the certificate is available to my program, how can I retrieve the information in the certificate? I believe , given that the certificate is in a particular format (x509 ?), the information can be retrieved as a C structure (or something alike), which then can be used to test each individual piece of information. Could you point me to APIs that will allow me to achieve this?
See above (libcurl) in ssluse.c
Thanks, ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
