> On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargnsit at gmail.com> wrote: > > If(BIO_should_read(socket->ssl_bio) != 0) > > If(BIO_should_write(socket->ssl_bio) != 0) In Postfix, we don't bother with the application layer ssl_bio, and just do SSL_read()/SSL_write() directly. You only need this if you specifically want a BIO API to SSL. > With this, I could get the entire end-to-end workflow to work !!!! You might not be done yet. Is the client verifying the server certificate including name checks? Just doing TLS, without certificate checks, only protects against passive attacks. -- Viktor.
