> On Sep 11, 2018, at 2:25 AM, Armen Babikyan <armen.babikyan@xxxxxxxxx> wrote: > > I realized that something like this could be an option a few minutes after I hit "send". Thanks for the confirmation - I'll give this a shot! You should also consider what if anything you want to pass to SSL_CTX_set_client_CA_list(3) See the docs. Some clients (IIRC Java's TLS stack) don't send any client certificates unless the server solicits a certificate from a matching CA, and leaving the list empty may not work for such clients. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users