Hello. I have a problem validating the client. I'm using OpenSSL 0.9.5a for a HTTP server I've written. And as a browser IE 5, and have successfully created a certificate for it with CA.pl and imported it into the browser. But when I connect to my server, comes an error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate:s3_srvr.c:1666: Now, I checked back some of the archives to find out some information. I have set the CAfile to point to demoCA's cacert.pem. And CApath to demoCA/newcerts. Also tried with only CAfile but the same error persists. In the code corresponding to these, I call appropriately (as copied from s_server :) SSL_CTX_set_verify and SSL_CTX_set_client_CA_list Can anyone tell me what I'm doing wrong? And what I need to do. I'm not totally clear about if I'm doing the right thing with setting the paths and file. But I find it strange nevertheless that it gives an error "peer did not return a certificate". Is there something with IE that needs to be set asides importing the certificate, or is this a bug in OpensSSL??? Regards, Ari ______________________________________________ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
