> On Sep 11, 2018, at 2:25 AM, Armen Babikyan <armen.babik...@gmail.com> wrote:
>
> I realized that something like this could be an option a few minutes after I
> hit "send". Thanks for the confirmation - I'll give this a shot!
You should also consider what if anything you want to pass to
SSL_CTX_set_client_CA_list(3)
See the docs. Some clients (IIRC Java's TLS stack) don't send any
client certificates unless the server solicits a certificate from
a matching CA, and leaving the list empty may not work for such
clients.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
