SSL_connect on the client will only send the client certificate if the server requests it and sends a list of authority names it will accept, AND the certificate is signed by one of those authority names.
SSL_ERROR_SSL is an error stating that an SSL session couldn't be established, either because of 'no common cipher', or 'SSL/TLS version mismatch', or something else that goes wrong in the initial handshake. See the relevant RFCs for more detail on what can go wrong. -Kyle H On 2/3/06, Ambarish Mitra <[EMAIL PROTECTED]> wrote: > On SSL_connect, the openssl documentation mentions that: "initiate the > TLS/SSL handshake with an TLS/SSL server" > > I have created the client cert and loaded into the context with > "SSL_CTX_use_certificate_file" and the corresponding private key with > "SSL_CTX_use_PrivateKey_file". This association works since the the call > "SSL_CTX_check_private_key" succeeded. > > In SSL_connect, does the client program send out the client certificate to > the server as a part of handshake? > > > Now, my server is Java based, and I do not have much idea on JVM keystores. > It looks like the keystore holds the CA cert and also the server cert. This > CA is also the one who issued the client cert. > > I am getting an error "SSL_ERROR_SSL" with SSL_connect() returning <=0. > > Under what circumstances does SSL_connect return this error? > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
