I'm trying to find what's wrong when I use SSL_set_client_CA_list(ssl, NULL); in a server: openssl s_client still shows "Acceptable client CA names" (those which are previously set using SSL_CTX_load_verify_locations()) instead of the expected "No client certificate CA names sent" which happens if I use SSL_CTX_set_client_CA_list(ctx, NULL) Now sure what's wrong: - my program - openssl s_client - SSL_set_client_CA_list(ssl, NULL) - something else PS: openssl version is 1.0.2t
