Hello,
we would like to do our own verification of client certificates, and to
that effect have written a module and a patch to mod_ssl that replaces
the verify callback with our own hook in ssl_hook_Access
(ssl_engine_kernel.c):
APR_OPTIONAL_FN_TYPE(custom_ssl_verify) *cust_verify = NULL;
On Thu, Aug 12, 2004 at 10:29:54AM +0200, Jos Dehaes wrote:
This works, but we don't have access to the cert chain when our callback
is called (SSL_get_peer_cert_chain returns a NULL pointer). Is this
normal (not yet filled in)? Or do we use the wrong callback/hook at the
wrong place?
I think