[openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath
Viktor Dukhovni
openssl-users at dukhovni.org
Sat Dec 1 20:53:12 UTC 2018
On Sat, Dec 01, 2018 at 07:12:24PM +0000, Michael Wojcik wrote:
> > Are there compatibility concerns around changing error message
> > text for which users may have created regex patterns in scripts?
> >
> > I agree the text could be better, but not sure in what releases
> > if any to change the text, since the change may cause issues
> > for some users.
>
> Sure, this is always a concern. Maybe the change could be considered for OpenSSL 3.0, since that's a major release.
Care to create a PR against the "master" branch? Something
along the lines of:
"Provided chain ends with untrusted self-signed certificate"
or better. Here "untrusted" might mean not trusted for the requested
purpose, but more precise is not always more clear.
--
Viktor.
More information about the openssl-users
mailing list