[openssl-users] Intermediate certificates
Serj
rasjv at yandex.com
Tue Jan 27 19:21:01 UTC 2015
Hello.
Some web-sites don't send all intermediate certs during "SSL Handshake". For example, www.verisign.com sends only server's cert but doesn't send next intermediate cert:
s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA
i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
So, I need to set a list of intermediate certs for my SSL connections. How to do this?
With SSL_CTX_load_verify_locations() I can set only trusted root certs, but not intermediate certs.
--
Best Regards,
Serj
More information about the openssl-users
mailing list