[openssl-users] Load secrets to context.

Dr. Stephen Henson steve at openssl.org
Wed Jul 27 17:08:50 UTC 2016


On Wed, Jul 27, 2016, john gloster wrote:

> Thanks Victor.
> 
> Could you explain the reason in below cases? These are in cases when we use
> both the APIs as mentioned above.
> 
> cert_file : Server's certifcate
> chain_file: Complete certificate chain; starting with Server's certifcate,
> followed by intermediate CA certificate and ending with Root CA certificate
> 
> 
> Scenario 1 - Failing case
> 
> SSL_CTX_use_certificate_file() : Loaded cert_file
> SSL_CTX_use_certificate_chain_file() : Loaded chain_file
> 
> Test: When tried to connect to the server, only Server's certificate and
> Root CA certificate were presented in the CERTIFICATE message of the
> handshake; intermediate CA certificates were missing.
> 
> 

Do you get an error from either function? Do you get the same behaviour if you
omit SSL_CTX_use_certificate_chain_file()?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


More information about the openssl-users mailing list