Hi, In SSL protocol the server is supposed to send the client a list of CA (taht the server trust) for client authentication. The SSL_CTX_set_client_CA_list() is here to setup this list of CA "name". If none are provided the certificate location should be used to do so.
Have a look at the online documentation. http://www.openssl.org/docs/ssl/SSL_CTX_set_client_CA_list.html# hope it could help Fred -------- Message d'origine-------- De: Mark [mailto:[EMAIL PROTECTED] Date: ven. 12/2/2005 2:22 À: openssl-users@openssl.org Cc: Objet: SSL_CTX_set_client_CA_list functions Hi All, Can somebody please explain whether one of the CA_list functions is necessary in a server that needs to authenticate a client? I am using the SSL_CTX_load_verify_locations() to point to the certificates directory containing the root certificate and all client certificates. Is that sufficient? Best Regards, Mark ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
