[openssl-users] Regarding SSL_VERIFY_PEER

john gloster glosterj9 at gmail.com
Wed May 3 09:58:00 UTC 2017


Hi,

I needed to validate different extensions of each of the Issuer certificate
in the chain.

Snippet rom https://linux.die.net/man/3/ssl_set_verify:

"The certificate chain is checked starting with the deepest nesting level
(the root CA certificate) and worked upward to the peer's certificate. At
each level signatures and issuer attributes are checked. "

When we say "issuer attributes", could someone let me know what different
stuffs in the CA certificate are validated?


Thanks in advance.

John.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170503/264bbab9/attachment.html>


More information about the openssl-users mailing list