In my server program, I have used SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to add the CA to verify the clients. It can do client-verify job good. But in s_server.c, after the two functions, there is another function: SSL_CTX_set_client_CA_list(). It seems that this function has something to do with client-verify. My question is, why and when do I need SSL_CTX_add_client_CA()? What does it do? Can anyone drop me a light? Thanx. zhang ------------------------------------- 欢迎使用北京电报局的免费电子邮件系统! http://btamail.net.cn or http://mail.bta.net.cn 客服中心电话:223 (免费) 欢迎拨169上网,电话:169,用户名:169,口令:169. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
