One question about custom certificate checks:

I have written a custom "verify_callback" function
which returns true always. That is, I accept any
certificate chain.

Also I use:

ctx.set_verify(SSL.verify_peer |
SSL.verify_fail_if_no_peer_cert, depth=9,
callback=verify_callback)

option both in client and server. 

Does this mean that certificates are still checked for
ownership (by using a challenge-response)? Or does the
openssl skip challenge-response for client and server?

Thanks,
Soner





      
____________________________________________________________________________________
Park yourself in front of a world of choices in alternative vehicles. Visit the 
Yahoo! Auto Green Center.
http://autos.yahoo.com/green_center/ 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to