in reply to Re^2: Make IO::Socket:SSL refuse connections without client certificate
in thread [SOLVED] Make IO::Socket:SSL refuse connections without client certificate
To see what cert info and string you get when the client cert is absent.SSL_verify_callback => <Sub-ref>
on the server should have worked - i.e. it should drop the SSL handshake when the client cert is absent.SSL_verify_mode => SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT +,
Another option is to do a "tcpdump" to verify if the connection actually occurs when the client cert is absent.
...it is unhealthy to remain near things that are in the process of blowing up. man page for WARP, by Larry Wall
|
|---|