Hi Michael, I have not implemented a rehandshake but as I understand, it can be pretty complicated. Searching for "OpenSSL rehandshake" on google pointed me to this article (http://www.rtfm.com/openssl-examples/part2.pdf) by Eric Rescorla, describing the rehandshake in detail. Hope this helps.
Ashish. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael Prinzinger Sent: Wednesday, September 23, 2009 2:02 PM To: openssl-users@openssl.org Subject: Re: verify client certificate at a later point Thank You Ashish for your answer! On Wed, Sep 23, 2009 at 10:30 PM, Ashish Thapliyal <ashish.thapli...@citrix.com<mailto:ashish.thapli...@citrix.com>> wrote: I set the following for the global context which is used to create the connection: // Set the SSL certificate verify mode SSL_CTX_set_verify(_globalContext, SSL_VERIFY_PEER, NULL); Then the server requests the peer (i.e. the client) for a certificate during the handshake, which the client can either ignore, or provide. yes I want the client to provide a certificate. this also works, if I set the globalContext like above However at this point the server cannot yet verify the client's certificate. So calling BIO_do_connect(BIO* client_socket) returns -1, because the client certificate could not be verified. The other option is to do a handshake without asking for a client certificate first, then do a re-handshake and ask the client for a certificate when required. Yes this would work. Because later the server will get the client certificate in a secure fashion. So how can I redo the handshake? I do not want to close and open the connection a new, just ask the client again for its certificate. Do you know how to do that? Thank You! Michael Ashish ______________________________________________________________________________________________________ Ashish V. Thapliyal, Security Architect, Citrix Online Division, 6500 Hollister Ave, Goleta, CA 93117. V: +1 (805) 690 2908. From: owner-openssl-us...@openssl.org<mailto:owner-openssl-us...@openssl.org> [mailto:owner-openssl-us...@openssl.org<mailto:owner-openssl-us...@openssl.org>] On Behalf Of Michael Prinzinger Sent: Wednesday, September 23, 2009 1:05 PM To: openssl-users@openssl.org<mailto:openssl-users@openssl.org> Subject: verify client certificate at a later point Dear OpenSSL group, I have a somewhat curious setting (without CAs) about routing information along several nodes: [1] first an unkown client establishes a connection to a known server thus I set SSL_CTX_set_verify(this->ctx, SSL_VERIFY_NONE, NULL); and let the client verify the servers certificate, like this X509* x509 = SSL_get_peer_certificate(s); CHECK(x509 != NULL); //check certificate long certVerifyResults = SSL_get_verify_result(s); if(certVerifyResults != X509_V_OK) throw SSLException("Error! Certificate could not be verified.\n); //free x509 X509_free(x509); [2] now a secure connection is established on it the server receives data encrypted with the servers public key, so only it can read it in the data is information about the next node and the previous node now the server knows the ssl certificate of the previous node and thus wants to check it, since the verify mode is still set to server only, we set it a new SSL_CTX_set_verify(this->ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); [3] if the server now runs the code above X509* x509 = SSL_get_peer_certificate(s); CHECK(x509 != NULL); //check certificate long certVerifyResults = SSL_get_verify_result(s); if(certVerifyResults != X509_V_OK) throw SSLException("Error! Certificate could not be verified.\n); //free x509 X509_free(x509); x509 will be NULL. This is probably because the handshake has already taken place. So there simply is no client certificate. Now I am trying to find a way around this problem, but failed so far. It would be nice to either find a way that both certificates are exchanged during handshae, but only the server one is verified at first or to find a way to request a certificate from the client at a later point. Has anyone an idea, how this could be achieved with the OpenSSL API? Thank You Very Much! Michael