On Tue, Jan 28, 2003 at 11:38:25AM +0530, Chandrasekhar R S wrote: > In my server program, I use SSL_CTX_set_verity(ctx, SSL_VERIFY_PEER | > SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0) to mandate that client cert should be > present. > If present, I use SSL_get_peer_certificate(ssl) to retrieve the client cert. > > In my client program, I use : > > SSL_CTX_use_certificate_file(CTX,CERTF,SSL_FILETYPE_PEM) > SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) > > calls to load a cert and a key into the client.
Use SSL_CTX_check_private_key() to check the correct initialization of the keys. > But, everytime, I run the client and the server, the server complains that > client hasn't presented a cert. Is something else, needs to be done to get > a client cert to the server. Download ssldump from Eric's site and analyze the traffic to see: * whether the client certificate is indeed requested * whether the client does send its certificate or not. > I am using openssl-0.9.7 on HPUX (Unix) systems. I can assure you that it does work on HP-UX :-) serv01 21: uname -a HP-UX serv01 B.10.20 A 9000/780 2002495176 two-user license Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]