Can I paste code on a paste site where you can read it and help me?
Thanks
2006/10/7, Vincenzo Sciarra <
[EMAIL PROTECTED]>:
Very Very Usefull
Thanks.
My client is working. Now I'm starting to develop server!
Vincenzo
Bernhard Froehlich ha scritto:
> Vincenzo Sciarra wrote:
>> I want to verify that a client certificate is issued by an acceptable
>> CA.
>> Thanks
> You'd do it the same way as verifying that the server's CA is
> acceptable. Would be something like
>
> * Setting a CA-file or a CA directory containing the acceptable CAs
> into the context with SSL_CTX_load_verify_locations
> * Setting mode ***SSL_VERIFY_PEER* with SSL_CTX_set_verify
> * Possibly also set a callback with SSL_CTX_set_verify or use
> SSL_get_peer_certificate to check for extensions (for example to
> do OCSP or CRL checking)
>
> Hope it helps.
> Ted
> ;)
>
