[openssl-users] OpenSSL 1.0.2d X509_verify_cert function does not work as used to with chain of certificates
bhat.jayalakshmi at gmail.com
Sun Nov 15 13:30:06 UTC 2015
In earlier version of OpenSSL (i.e OpenSSL 1.0.1c) X509_verify_cert had a
check * if (params->trust >0)* before invoking check_trust function.
This has been removed in OpenSSL 1.0.2d. Does it mean applications are
expected to set the X509_VERIFY_PARAM properly?
Our application works fine in OpenSSL 1.0.1c. In OpenSSL 1.0.2d app fails
with X509_TRUST_UNTRUSTED error. I added the check *if (params->trust
>0) *before invoking
the check_trust API and functionality worked fine.
Any help on this well appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users