From owner-freebsd-questions@FreeBSD.ORG Sat Sep 4 14:00:47 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 023E716A4CE for ; Sat, 4 Sep 2004 14:00:47 +0000 (GMT) Received: from richardkaestner.com (212-88-187-192.ADSL.ycn.com [212.88.187.192]) by mx1.FreeBSD.org (Postfix) with SMTP id C089F43D41 for ; Sat, 4 Sep 2004 14:00:45 +0000 (GMT) (envelope-from rfk@richardkaestner.com) Received: (qmail 4701 invoked from network); 4 Sep 2004 14:00:36 -0000 Received: from pc-01034.richardkaestner.com (HELO sv01.rfk.priv) (10.200.4.10) by stargate.richardkaestner.com (10.200.254.254) with ESMTP; 04 Sep 2004 14:00:36 -0000 Received: by sv01.rfk.priv (Postfix, from userid 1001) id 974611007E; Sat, 4 Sep 2004 16:00:35 +0200 (CEST) From: Richard Kaestner To: freebsd-questions@freebsd.org Date: Sat, 4 Sep 2004 16:00:35 +0200 User-Agent: KMail/1.6.2 MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Message-Id: <200409041600.35169.richard.kaestner@ycn.com> Subject: SSL-programming: no client certificate X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: richard.kaestner@ycn.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Sep 2004 14:00:47 -0000 Hope, this is not too far OT: I am playing around with a SSL Server / Client=20 (from /usr/src/crypto/openssl/demos/ssl/ ) but I am unable to get the client certificate. The original example works well - without Client Cert. What I did: =2D I copied the code from server.c into the cli.c: SSL_CTX_use_certificate_file(ctx, ..., SSL_CTX_use_PrivateKey_file(ctx, ... SSL_CTX_check_private_key(ctx, ... before creating the socket (sd =3D socket (AF_INET, SOCK_STREAM, 0);) I also tried with=20 SSL_use_certificate_file(ssl, ..., SSL_use_PrivateKey_file(ssl, ... SSL_check_private_key(ssl, ... aftre "ssl =3D SSL_new (ctx);" ... also no client cert. =2D added to server.c: "SSL_set_verify(ssl, SSL_VERIFY_PEER, 0);" "SSL_set_verify_depth(ssl, 0);" "client_cert =3D SSL_get_peer_certificate(ssl);" whatever I played around, I do not receive the client certificate! what do I wrong, what am I missing ????? (using FreeBSD 4.10) =2D-=20 Mit freundlichen Gr=FC=DFen Richard K=E4stner EDV-Beratung Woerthgasse 17 2500 Baden Austria