Hi, In continuation with post: http://openssl.6102.n7.nabble.com/SSL-Verify-Question-tp17908.html which says that with Anonymous ciphers, certificates won't be exchanged and hence won't be verified.
However, I do want to ensure sure that no matter what, I am never sending requests to the server without verification. Will it be possible if my application is using an eNULL cipher (with Authentication ciphers enabled)? e.g. "TLS_RSA_WITH_NULL_SHA" "Certificate exchange will be mandatory in case Authentication ciphers are used": Is this statement correct? Thanks in Advance for all your help. Regards, Deepti -- View this message in context: http://openssl.6102.n7.nabble.com/Are-certificates-exchanged-in-for-eNULL-ciphers-tp48952.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
