[openssl-users] [EXTERNAL] Certificate gets verified OK over SSL-CLI, but not when using SSL-API
ManWag at FastMail.FM
Fri Feb 2 09:02:55 UTC 2018
> > Hence, if at all, verification requirements must have been lowered in the new OpenSSL version.
> No, it is also the case that the new version now more correctly accepts
> some chains as valid that because of bugs, the old version did not.
Understood! My reply was related to message only, as I was afraid he might have mistook the problem description. Hence, I wanted to clarify this.
I have taken your advice to upgrade to OpenSSL 1.1.0 seriously and did accordingly. We are now using OpenSSL 1.1.0g and everything seems to be doing fine so far. This matter can thus be regarded as solved.
Thanks to everyone who contributed!
More information about the openssl-users