2

What function calls do I need to do for mutual authentication ? I have searched a lot, but didn't find anything useful.

Can anybody help me doing this ?

jww
  • 97,681
  • 90
  • 411
  • 885
Bharat
  • 265
  • 1
  • 6
  • 12
  • Which flavor of mutual authentication are you trying to use? TLS-SRP? TLS-PSK? TLS with PKIX certificates? – jww May 05 '16 at 06:06

1 Answers1

2

The function calls you are looking for are the SSL_set_verify() family. On the server side, specifying SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT requires a valid client certificate. On the client side, just SSL_VERIFY_PEER is needed.

Both sides must also ensure that anonymous ciphers are not allowed in their specified cipher list (set with SL_CTX_set_cipher_list()).

caf
  • 233,326
  • 40
  • 323
  • 462
  • I have used this, when i am trying to write it is returning -1. Can u tell me where I can be wrong ? – Bharat Aug 27 '10 at 08:31
  • 1
    @bharat: Not from that little information. Dump the actual errors with `ERR_print_errors_fp(stderr);` (and call `SSL_load_error_strings()` at program startup to make sure you have the error strings available). – caf Aug 27 '10 at 09:03