CAPI engine seems to break server validation
Matt Caswell
matt at openssl.org
Fri Oct 23 13:45:05 UTC 2020
On 23/10/2020 14:10, Brett Stahlman wrote:
> It seems that the CAPI engine is breaking the server verification somehow.
> Note that the only reason I'm using the ca-bundle.crt is that I couldn't
> figure out how to get CAPI to load the Windows "ROOT" certificate
> store, which contains the requisite CA certs. Ideally, server
> authentication would use the CA certs in the Windows "ROOT" store, and
> client authentication would use the certs in the Windows "MY" store, but
> CAPI doesn't appear to be loading either one.
This is probably the following issue:
https://github.com/openssl/openssl/issues/8872
Matt
More information about the openssl-users
mailing list