Claus Assmann <[EMAIL PROTECTED]>: >> Ed Kasky <[EMAIL PROTECTED]>:
>>> 27781:error:140890E9:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:tls peer did >>> not respond with certificate list:s3_srvr.c:1638: > AFAIK the client can respond with an empty list (RFC 2246, section > 7.4.6). This is what sendmail (using OpenSSL) does when it acts > as client and no client cert is available. > > The question is whether Eudora is broken and should respond with > an empty list too. It is broken, but the solution to Ed's problem is to simply disable TLS 1.0 support in Eudora. (SSL 3.0 is specified differently, and the Eudora behaviour of not sending a certificate list when no appropriate certificate is available is correct for SSL 3.0.) -- Bodo Möller <[EMAIL PROTECTED]> PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt * Tel. +49-6151-16-6628, Fax +49-6151-16-6036 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
