SSL-programming: no client certificate

Richard Kaestner richard.kaestner at
Sat Sep 4 07:00:47 PDT 2004

Hope, this is not too far OT:

I am playing around with a SSL Server / Client 
(from /usr/src/crypto/openssl/demos/ssl/ )

but I am unable to get the client certificate.
The original example works well - without Client Cert.

What I did:

- I copied the code from server.c into the cli.c:
  SSL_CTX_use_certificate_file(ctx, ...,
  SSL_CTX_use_PrivateKey_file(ctx, ...
  SSL_CTX_check_private_key(ctx, ...
  before creating the socket (sd = socket (AF_INET, SOCK_STREAM, 0);)

  I also tried with 
  SSL_use_certificate_file(ssl, ...,
  SSL_use_PrivateKey_file(ssl, ...
  SSL_check_private_key(ssl, ...
  aftre "ssl = SSL_new (ctx);"
  ... also no client cert.

- added  to server.c:
  "SSL_set_verify(ssl, SSL_VERIFY_PEER, 0);"
  "SSL_set_verify_depth(ssl, 0);"

  "client_cert = SSL_get_peer_certificate(ssl);"

whatever I played around, I do not receive the client certificate!

what do I wrong, what am I missing ?????

(using FreeBSD 4.10)

Mit freundlichen Grüßen

Richard Kästner
Woerthgasse 17
2500 Baden

More information about the freebsd-questions mailing list