[openssl-users] Fwd: SSL_get_certificate()

Jeremy Harris jgh at wizmail.org
Sat Nov 4 23:11:40 UTC 2017


1.0.2k fips.

Server, having loaded two certs (one rsa, one ecdsa) using
SSL_CTX_use_certificate_chain_file().

After SSL_accept(), call SSL_get_certificate() to see what
cert was presented.

The actual on-the-wire does what I'm expecting - the presented
server cert varies according to the server ciphers list ordering.
However, the SSL_get_certificate() call always returns the last
cert loaded.

What should I be doing different?
-- 
Thanks,
  Jeremy


More information about the openssl-users mailing list