问题
What function calls do I need to do for mutual authentication ? I have searched a lot, but didn't find anything useful.
Can anybody help me doing this ?
回答1:
The function calls you are looking for are the SSL_set_verify() family. On the server side, specifying SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT requires a valid client certificate. On the client side, just SSL_VERIFY_PEER is needed.
Both sides must also ensure that anonymous ciphers are not allowed in their specified cipher list (set with SL_CTX_set_cipher_list()).
来源:https://stackoverflow.com/questions/3575889/how-to-implement-mutual-authentication-for-client-in-openssl