[gnutls-devel] gnutls_certificate_verify_peers* question

Jaak Ristioja jaak.ristioja at cyber.ee
Tue Feb 19 10:10:28 CET 2013


If I use the gnutls_certificate_verify_peers2() or
gnutls_certificate_verify_peers3() functions in the callback set using
gnutls_certificate_set_verify_function(), do those functions also verify
that the peer has the private key corresponding to the public key in the
certificate, or is it done elsewhere outside of the callback?

The goal is to setup a connection, where both endpoints authenticate
only using their key pairs (i.e. give access iff peer has public key A;
ignoring any certification chain) and I'm wondering whether calling a
gnutls_certificate_verify_peers* function is needed at all.

Best regards,

More information about the Gnutls-devel mailing list