OpenSSL 1.0.2d X509_verify_cert function does not work as used to with chain of certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi All,

In earlier version of OpenSSL  (i.e OpenSSL 1.0.1c)  X509_verify_cert had a
check * if (params->trust >0)* before invoking check_trust function.

This has been removed in OpenSSL 1.0.2d. Does it mean applications are
expected to set the X509_VERIFY_PARAM properly?

Our application works fine in OpenSSL 1.0.1c. In OpenSSL 1.0.2d app fails
with X509_TRUST_UNTRUSTED error. I added the check *if (params->trust
>0) *before invoking
the check_trust API and functionality worked fine.

Any help on this well appreciated.

Regards
Jayalakshmi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151115/d1acfc17/attachment.html>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux