aboutsummaryrefslogtreecommitdiffstats
path: root/FAQ
diff options
context:
space:
mode:
authorLutz Jänicke <jaenicke@openssl.org>2001-04-17 13:18:56 +0000
committerLutz Jänicke <jaenicke@openssl.org>2001-04-17 13:18:56 +0000
commit197322455d61829572d1792da03e4d0750d5638a (patch)
tree9f88bccd3f0c969a3a7e07c62c848df26e592975 /FAQ
parent4f19a0672ba358fbfa1877c60c1ae02ea35ba1e1 (diff)
downloadopenssl-197322455d61829572d1792da03e4d0750d5638a.tar.gz
Clarify request of client certificates. This is a FAQ.
Diffstat (limited to 'FAQ')
-rw-r--r--FAQ8
1 files changed, 8 insertions, 0 deletions
diff --git a/FAQ b/FAQ
index e9cc698100..019c016beb 100644
--- a/FAQ
+++ b/FAQ
@@ -47,6 +47,7 @@ OpenSSL - Frequently Asked Questions
* Why do I get errors about unknown algorithms?
* Why can't the OpenSSH configure script detect OpenSSL?
* Can I use OpenSSL's SSL library with non-blocking I/O?
+* Why doesn't my server application receive a client certificate?
===============================================================================
@@ -519,5 +520,12 @@ requiring a bi-directional message exchange; both SSL_read() and
SSL_write() will try to continue any pending handshake.
+* Why doesn't my server application receive a client certificate?
+
+Due to the TLS protocol definition, a client will only send a certificate,
+if explicitely asked by the server. Use the SSL_VERIFY_PEER flag of the
+SSL_CTX_set_verify() function to enable the use of client certificates.
+
+
===============================================================================