what all(function calls) i need to do for mutual authentication ? I have searched a lot, but didn't find anything meanigful. can anybody help me doing this ? Please help me.
A:
The function calls you are looking for are the SSL_set_verify() family. On the server side, specifying SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT requires a valid client certificate. On the client side, just SSL_VERIFY_PEER is needed.
Both sides must also ensure that anonymous ciphers are not allowed in their specified cipher list (set with SL_CTX_set_cipher_list()).
caf
2010-08-27 03:45:16
@caf: I have used this, when i am trying to write it is returning -1.Can u tell me where I can be wrong ?
bharat
2010-08-27 08:31:19
@bharat: Not from that little information. Dump the actual errors with `ERR_print_errors_fp(stderr);` (and call `SSL_load_error_strings()` at program startup to make sure you have the error strings available).
caf
2010-08-27 09:03:58