> Zhong Chen wrote:
>
> Is there any SSL_CTX_* function to force the client sending
> certificate after server sends "Server Hello"? It's an optional step
> in SSL handshake, and I want to make it mandatory (doable?). It will
> be very helpful if you can point me to an example. Thanks.
>
That would be illegal in the SSL and TLS specs. Any compliant SSL or TLS
implementation would give a fatal alert if the client sent a certiifcate
and the server did not request one.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
