Hi, Lloyd! If you are establishing SSL connection between client and server, and SSL_VERIFY_PEER flag is set, AFAIK server will ask for client certificate during SSL handshake phase.
So why do you need to load clients certs manually? On Mon, 2012-06-04 at 11:06 +0530, Lloyd wrote: > Hi, > > We have a client server application with SSL (open ssl). The server > has a public/private key pair and also "each client" has a > public/private key pair. When client and server communicates they need > to authenticate each other. So we are using the flags SSL_VERIFY_PEER| > SSL_VERIFY_FAIL_IF_NO_PEER_CERT at both the client and server. All the > certificates are self signed. > > Each client is unique, that is each of them has its own private/public > key pair. In order to verify each client, the server needs to load all > the clients certificates (isn't certificate mean public key in this > context?),. Is it possible to load all client certificate? which > openSSL api shoud I use ffor this? > > Thanks a lot, > > Lloyd > > -- Best wishes, Alexander Komyagin ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
