[openssl-users] Certificate Verify and non-root Trust Anchors

Viktor Dukhovni openssl-users at dukhovni.org
Mon Dec 11 23:28:35 UTC 2017

Previous message: [openssl-users] Certificate Verify and non-root Trust Anchors
Next message: [openssl-users] Certificate Verify and non-root Trust Anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Dec 11, 2017, at 6:20 PM, J Decker <d3ck0r at gmail.com> wrote:
> 
> I'm pretty sure you need the root also, not just the intermedia ca...

The purpose of X509_V_FLAG_PARTIAL_CHAIN is to make it possible
to make do with just the intermediate certificate in the trust
store.  So, no, the root is not always required.

-- 
	Viktor.

Previous message: [openssl-users] Certificate Verify and non-root Trust Anchors
Next message: [openssl-users] Certificate Verify and non-root Trust Anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-users mailing list