[openssl-users] SSL_get_peer_certificate returns NULL in client_cert_cb after upgrade to openssl 1.1.1

Dave Wang mythjill at gmail.com
Wed Oct 10 22:04:23 UTC 2018

Hi there,

I have a client can talk with server, where the client certificate is
loaded in client_cert_cb  based on matching the server side certificate.

it works perfectly in openssl 1.1.0h, however it stops working after I
upgrade to openssl 1.1.1.

In client_cert_cb , when I call SSL_get_peer_certificate, it returns NULL,
which is different from openssl 1.1.0h.

I do set SSL_VERIFY_PEER on both sides.

any thoughts on this?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181010/1ac8fa85/attachment.html>

More information about the openssl-users mailing list