Thank you Steve ..
I try to perform the test with s_server but I believe it does not handle CRL
file ( no option for this apparently) :(
>
> Thank you Dr. Henson for the answer ..
> I feel more ensured ... :)
>
> I achieved to go a little bit further in my test now after having put the
right
> certificate in client side.
> I am quite suprised by the behaviour of my server since when the client
> certificate belongs to the CRL list handled by my server, I have this time the
> handshake error ("no certificate returned"). I was expecting for a message
like
> "CR revoked .." ( the client connexion was refused before I use
> SSL_get_verify_result API as I expected first.)
> Is it the normal behaviour or have I forget to set an option?
>
I'd suggest you set up s_client/s_server with the appropriate certificates and
CRL and see if you get the same results.
Steve.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
