[openssl-users] 'No client certificate CA names sent'

russellbell at gmail.com russellbell at gmail.com
Tue Jan 31 15:07:16 UTC 2017


	Quoth Mr Benjamin Kaduk:

	'That's generally the default server behavior when no CAs are
configured for that purpose.  But, (1) I thought you were looking at
the client side, and (2) how to configure the server depends on what
software is used on the server, so there's not much more to say right
now.'
	It was on the client side.  I'm running sendmail as a client
to relay mail that originates on my computer through gmail.  When I
request a certificate from gmail I get that message in the return
(along with a certificate).  It may not matter.  It doesn't keep me
from sending mail through gmail.  I just wanted to understand it.
	When I send mail through gmail, sendmail reports
'verify=FAIL'.  I hoped to make that not happen.

	Quoth Mr Viktor Dukhovni:

	'https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_client_CA_list.html

	That's the same as the man page I already have.

	'Just pass a NULL stack.'

	Is there an app with which I can do this or do I have to write
a program?  Not that I can't do that.

russell bell


More information about the openssl-users mailing list