>My guess here is that the client isn't actually
>sending a certificate because it doesn't have one. Are you
>running s_client from the apps directory and/or giving it
>a path to a certificate. Otherwise it will just ignore the
>cert request. SSL_VERIFY_PEER alone doesn't REQUIRE
>a certificate, it just requests it.
>
Well I run s_client like this:
openssl s_client -connect localhost:1111 -verify 1 -cert cert.pem -key
key.pem -CAfile cafile.pem
and when I connect it to a s_server with -Verify 1, the certificates are
transfered and verified ok.
What flag does request a certificate if not SSL_VERIFY_PEER?
>That said, I've got a set of such demo programs that I'm
>planning to release RSN. If you can't get this working let
>me know and I'll send you an early draft.
>
I would be very grateful, if you could send me the drafts, I just need to se
how it works.
>-Ekr
>
>[Eric Rescorla [EMAIL PROTECTED]]
> http://www.rtfm.com/
Ales Golob
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
