[openssl-users] Why construct so wierd certificate chain for one web site
Jerry OELoo
oyljerry at gmail.com
Mon Dec 29 08:32:16 UTC 2014
Hi.
I am using X509_STORE_CTX_get1_chain() to construct certificate chain
base on local root ca store. Now it works fine.
But when I access this website, https://www.sgetvous.societegenerale.fr/
I get a very strange result.
Peer cert subject[/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA] depth[1] error[20]
Peer cert subject[/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA] depth[1] error[27]
Peer cert subject[/OU=Domain Control Validated/OU=Gandi Standard
Wildcard SSL/CN=*.talkspirit.com] depth[0] error[27]
as above, CN points to *.talkspirit.com, what's this?
But https://www.ssllabs.com/ssltest/analyze.html?d=www.sgetvous.societegenerale.fr
query result is same as browser shown, certificate is signed by
VeriSign.
What's the problem, Thanks!
--
Rejoice,I Desire!
More information about the openssl-users
mailing list