Dear fellow developers,
I am experiencing some problems with a product we released. We rely on a public/private key architecture. The client connects to our server and we check to see if the certificate the client had was signed by us. I do this by checking to see if I can even get a client certificate. From my understanding if the client does not have a trusted certificate signed by the same CA as the server or by a trusted CA the server will not receive the certificate ( from the applications point of view). I do a SSL_get_peer_certificate and everything works for a while. But all of a sudden I never get a certificate from the client. This causes our server to think the client isn't validated. The only way we seem to be able to fix this is to re-create all new certificates. The certificates are set to expire in a year but the problem occurs within weeks/months of deployment and continues to happen. Does anyone have any insight on how this could be happening? Thank you for your time.
-------------------------------------
Andrew T. Finnell
Software Engineer
eSecurity Inc
(321) 394-2485
