> > is there any reasonable way how to copy certificate (and > private key) from > SSL_CTX to SSL object if > > certificate in SSL_CTX is changed? > > Are you asking if you can change the key and certificate > being used by a > session that's already in progress?
My question is not "if" but "how". I hope I have found quite good solution. I will use SSL_use_certificate_ASN1() and SSL_use_RSAPrivateKey_ASN1() for server socket (running in server thread) and then I will copy it (in client treads) into client sockets with: SSL_use_certificate(c_ssl, SSL_get_certificate(s_ssl)) SSL_use_PrivateKey(c_ssl, SSL_get_privatekey(s_ssl)) Of course renegotiation for all clients will be performed. Tomas ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
