[openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

Charles Mills charlesm at mcn.org
Fri Nov 30 22:00:59 UTC 2018


Thank you, yes, that solved it.

May I respectfully suggest that you consider improving the error message?

"Self-signed certificate in certificate chain" does not to me convey "No certificate hash links" (or "CA certificate not found in hash links").

Charles


-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Viktor Dukhovni
Sent: Friday, November 30, 2018 10:22 AM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

> On Nov 30, 2018, at 12:47 PM, Charles Mills <charlesm at mcn.org> wrote:
> 
> I am using a client certificate that was signed by my “homegrown” CA (which uses the OpenSSL utility). When I point to the CA .PEM with SSL_CTX_load_verify_locations CAfile it works perfectly. When instead I use CApath to point to a folder that contains only that one .PEM file it fails. 

See the documentation of c_rehash.

-- 
	Viktor.



More information about the openssl-users mailing list