diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc
index 85142522f..1c55a7cd2 100644
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@@ -50,12 +50,10 @@
 /********************************************************************************/
 /********************************************************************************/
+ // initialisation du pointeur de singleton à zéro
 AuthSSL *AuthSSL::instance_ssl = new AuthSSL();
-// initialisation du pointeur de ex data du ssl context
-int AuthSSL::ex_data_ctx_index = 0;
-
 sslcert::sslcert(X509 *x509, std::string pid) {
@@ -2049,57 +2047,6 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
 std::string certId;
 getX509id(X509_STORE_CTX_get_current_cert(ctx), certId);
- if(certId == mConnMgr->getOwnId())
- return false ;
-
- if (!mConnMgr->isFriend(certId)) {
- //we've got a new ssl id
- preverify_ok = false;
- mConnMgr->addFriend(certId, getX509CNString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->issuer));
- }
-
- //is the connection was initiated by us, then it was for a specific peer id wich is stored is in the context
- //check that the peerid in the context is the same as the cert one
- SSL *ssl = (SSL*) X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
- if (SSL_get_ex_data(ssl, AuthSSL::ex_data_ctx_index)) {
- char *peer_id_in_context = (char*) SSL_get_ex_data(ssl, AuthSSL::ex_data_ctx_index);
- if (std::string(certId.c_str()) != std::string(peer_id_in_context)) {
- //the connection was asked for a given peer and get connected to another peer
- #ifdef AUTHSSL_DEBUG
- fprintf(stderr, "AuthSSL::VerifyX509Callback peer id in context not the same as cert, aborting connection.\n");
- #endif
- preverify_ok = false;
-
- //tranfer the ip address to the new peer
- peerConnectState detail;
- if (mConnMgr->getFriendNetStatus(peer_id_in_context, detail)) {
- //transfer ips only if the two peers got the same gpg key
- if (detail.gpg_id == getX509CNString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->issuer)) {
- mConnMgr->updateAddressList(certId, detail.getIpAddressList());
- }
- }
- } else {
- #ifdef AUTHSSL_DEBUG
- fprintf(stderr, "AuthSSL::VerifyX509Callback peer id in context is the same as cert, continung connection.\n");
- #endif
- }
- }
-
- //set location
- mConnMgr->setLocation(certId, getX509LocString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->subject));
-
- //Check if peer isn't already connected
- peerConnectState detail;
- if (mConnMgr->getFriendNetStatus(certId, detail)) {
- if (detail.state & RS_PEER_CONNECTED && 
 !(detail.connecttype & RS_NET_CONN_TUNNEL)) {
- #ifdef AUTHSSL_DEBUG
- fprintf(stderr, "AuthSSL::VerifyX509Callback this peer is already connected, refuse a new connection.\n");
- #endif
- preverify_ok = false;
- }
- }
-
- }
 #ifdef AUTHSSL_DEBUG
diff --git a/libretroshare/src/pqi/authssl.h b/libretroshare/src/pqi/authssl.h
index 2e6d5b618..40ae47c61 100644
--- a/libretroshare/src/pqi/authssl.h
+++ b/libretroshare/src/pqi/authssl.h
@@ -54,9 +54,12 @@ typedef std::string SSL_id;
-class AuthSSL;
+/* This #define removes Connection Manager references in AuthSSL.
+ * They should not be here. What about Objects and orthogonality?
+ * This code is also stopping immediate reconnections from working.
+ */
-class p3ConnectMgr;
+class AuthSSL;
 class sslcert {
@@ -185,8 +188,6 @@ static int ex_data_ctx_index; //used to pass the peer id in the ssl context
 static AuthSSL *getAuthSSL() throw() // pour obtenir l'instance
 { return instance_ssl; }
- p3ConnectMgr *mConnMgr;
-
 private: // the single instance of this
diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc
index 5c54ef17a..be10a014c 100644
--- a/libretroshare/src/pqi/pqissl.cc
+++ b/libretroshare/src/pqi/pqissl.cc
@@ -966,10 +966,6 @@ int pqissl::Initiate_SSL_Connection()
 ssl_connection = ssl;
- //store the peer id in the context for the callback check
- AuthSSL::ex_data_ctx_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
- SSL_set_ex_data(ssl, AuthSSL::ex_data_ctx_index, const_cast (PeerId().c_str()));
-
 net_internal_SSL_set_fd(ssl, sockfd);
 if (err < 1) {
diff --git a/libretroshare/src/rsserver/rsinit.cc b/libretroshare/src/rsserver/rsinit.cc
index f565f4406..8cbfecd62 100644
--- a/libretroshare/src/rsserver/rsinit.cc
+++ b/libretroshare/src/rsserver/rsinit.cc
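Review bot: Nothing on the new side of this hunk ties the presented certificate to the peer the connection was opened for: `certId` is still computed from the current certificate but, as far as the hunk shows, is no longer compared with anything, and `preverify_ok` is left exactly as OpenSSL passed it in. Since the pqissl.cc hunk also drops the `SSL_set_ex_data` call that carried the expected peer id, that binding now has to be re-established after the handshake — for example by comparing the id of the peer certificate with `PeerId()` in pqissl before the connection is accepted — or any valid friend certificate will satisfy a connection meant for a different friend. Separately, the last removed line is a lone `}` with no matching `{` among the removed lines, so it closed a block opened above line 2049; unless that opening is removed by a hunk not shown here, the function no longer compiles. VerifyX509Callback begins before the hunk and continues after it.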
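Review bot: The added comment opens with "This #define removes Connection Manager references in AuthSSL", but the hunk introduces no `#define` — the forward declaration `class p3ConnectMgr;` is simply deleted — so a reader will look for a build switch that does not exist; change the first line to `/* Connection Manager references have been removed from AuthSSL.` and name which code "is also stopping immediate reconnections", since that sentence has no referent in the header. The `@@` line of the hunk at line 185 still shows `static int ex_data_ctx_index; //used to pass the peer id in the ssl context` declared in the class, while this diff deletes its definition (authssl.cc hunk at line 50) and its last uses (pqissl.cc); remove the declaration as well so the header does not advertise a member that no longer exists.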
@@ -1980,7 +1980,7 @@ int RsServer::StartupRetroShare()
 rsNotify = new p3Notify();
 mConnMgr = new p3ConnectMgr();
- AuthSSL::getAuthSSL()->mConnMgr = mConnMgr;
+ //load all the SSL certs as friends
 // std::list sslIds;
 // AuthSSL::getAuthSSL()->getAuthenticatedList(sslIds);