I have posted a similar message earlier. Hoping to convey self better and
get some help this time around.
I have the following scenario -
Client Cert -- Tunnel Server - Tunnel Client -- Backend server.
The requirement is to pass the Client Cert to the Backend server.
I could extract the Client Cert at the Tunnel Server. Tunnel Server and
Tunnel client reside in the same program on a machine, hence Tunnel Server
can pass on Client Cert to Tunnel Client without much ado.
Now in the my Tunnel Client program, I use SSL_use_certificate(ctx, X509*).
The X509* pointer contains the Client Cert which the Tunnel Server has just
extracted.
But then I dont have the private key for the Client Cert at the Tunnel
Client. Hence I could not do a SSL_CTX_use_PrivateKey(ctx,...) at the
Tunnel Client.
My question is, "Is it possible to just give a Cert for an SSL connection
(like giving SSL_use_certificate()) without a corresponding
SSL_use_PrivateKey(..) call made, and expect SSL to somehow generate its own
keys but take our certificate?"
with thanks
rsr.
Namaste,
R S Chandrasekhar
[EMAIL PROTECTED]
ISD : 091-080-2051166
Telnet : 847-1166
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
