Hi, all!
Can you clear me one question about certificate verification?
My SSL-enabled server, written with OpenSSL-0.9.6, accepting client
(browser) connections with SSL_CTX ctx, previously initialized as:
int VerifyMode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
SSL_VERIFY_CLIENT_ONCE;
int VerifyDepth = 6;
SSL_CTX_set_verify(ctx, VerifyMode, SSL_verify_callback);
SSL_CTX_set_verify_depth(ctx, VerifyDepth);
however server asks for client certificate at _every_ connection -
browser displays corresponding dialog.
What I do wrong? Is SSL_VERIFY_CLIENT_ONCE not sufficient condition to
ask certificate
only once?
--
WBR, Oleg Amiton
Epsylon Technologies
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]