In my server program, I have used SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to add the CA to verify the clients. It can do client-verify job good. But in s_server.c, after the two functions, there is another function: SSL_CTX_set_client_CA_list(). It seems that this function has something to do with client-verify. My question is, why and when do I need SSL_CTX_add_client_CA()? What does it do? Can anyone drop me a light? Thanx. zhang ------------------------------------- ��ӭʹ�ñ����籨�ֵ���ѵ����ʼ�ϵͳ! http://btamail.net.cn or http://mail.bta.net.cn �ͷ����ĵ绰��223 ����ѣ� ��ӭ��169����,�绰:169,�û���:169,����:169. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
