Hi there,

I have some queries on the way IE is handling SSL renegotiation.

1. Whenever IE receives a "Client Cert" req from the server, say when it is talking for the 1st time (IE gonna connect to this SSL server for the very 1st time), it immediately closes the TCP connection abruptly by sending a FIN. Now, is this coz of some errors on the server? The next connection from IE to the server works fine, and the client cert is sent out and renegotiation is completed on the same TCP connection. What I further notice is that this is happening every time I switch the server CTX from "SSL_VERIFY_NONE" to "SSL_VERIFY_PEER" and vice versa. Why is there an extra TCP connection?

2. When there are no client certs configured on IE, it seems to send a NULL certificate. I mean, I see the "certificate" message go out, but it has ZERO payload length!!! Can OpenSSL validate this?

3. Once the SSL renegotiation is through, how can the application know that the renegotiation succeeded and the client cert that was got is correct? By manipulating the SSL_OBJ I lose all the previous connection-specific data.

I really don't know why SSL renegotiation is happening over 2 TCP connections via IE. Anyone experienced this before? Mozilla/Netscape are working A-OK.

Thanks
--Gayathri