[openssl-users] X509_verify_cert cannot be called twice

Viktor Dukhovni openssl-users at dukhovni.org
Thu Mar 24 15:17:00 UTC 2016

> On Mar 24, 2016, at 4:21 AM, DEXTER <mydexterid at gmail.com> wrote:
> So this patch:
> https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0
> magically made itself into ubuntu trusty's version of openssl in a
> security update.
> My question is:
> What is the recommended way now to call X509_verify_cert twice or
> unlimited times from SSL_CTX_set_cert_verify_callback callback.
> (This is where the ctx is already initialized by openssl and not by the user)

I'm afraid multiple calls are not supported.
I'll consider updating the 1.1.0 code to make that possible,
but that won't help you with 1.0.[12]...


More information about the openssl-users mailing list