Commit 19732245 authored by Lutz Jänicke

Clarify request of client certificates. This is a FAQ.

parent 4f19a067
+8 −0
@@ -47,6 +47,7 @@ OpenSSL - Frequently Asked Questions
* Why do I get errors about unknown algorithms?
* Why can't the OpenSSH configure script detect OpenSSL?
* Can I use OpenSSL's SSL library with non-blocking I/O?
* Why doesn't my server application receive a client certificate?

===============================================================================

@@ -519,5 +520,12 @@ requiring a bi-directional message exchange; both SSL_read() and
SSL_write() will try to continue any pending handshake.


* Why doesn't my server application receive a client certificate?

Due to the TLS protocol definition, a client will only send a certificate,
if explicitely asked by the server. Use the SSL_VERIFY_PEER flag of the
SSL_CTX_set_verify() function to enable the use of client certificates.


===============================================================================
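Review bot: The new FAQ answer names only SSL_VERIFY_PEER, which on a server makes it request a client certificate but still lets the handshake complete when the client sends none. A reader who needs to require the certificate also has to set SSL_VERIFY_FAIL_IF_NO_PEER_CERT, so the answer should mention that flag or point to SSL_CTX_set_verify(3) for the flag semantics. In the same paragraph, "explicitely" should be "explicitly", and the comma before "if" can be dropped.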
+8 −1
@@ -17,6 +17,12 @@ peer presented. If the peer did not present a certificate, NULL is returned.

=head1 NOTES

Due to the protocol definition, a TLS/SSL server will always send a
certificate, if present. A client will only send a certificate when
explicitely requested to do so by the server (see
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
is used, no certificates are sent.

That a certificate is returned does not indicate information about the
verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
to check the verification state.
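Review bot: In the first sentence of the added NOTES paragraph, "will always send a certificate, if present" is contradicted by the paragraph's own closing sentence about anonymous ciphers. Suggest stating the exception with the rule, for example "will send a certificate, if present, unless an anonymous cipher is used". It would also help to say here that on a server this function returns NULL unless the request was enabled through SSL_CTX_set_verify(3), since that is the case the FAQ entry is about. "explicitely" should be "explicitly".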
@@ -43,6 +49,7 @@ The return value points to the certificate presented by the peer.

=head1 SEE ALSO

L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>

=cut