A self-signed CA certificate in the CA file *sometimes* stops verification working

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



OpenSSL 1.0.2h on Windows (different versions).

I have noticed the following behaviour:

1 Create a certificate file with two CA certificates, one for the server being connected to (server A) and one for another server (server B).
2 Whichever way the CA certificates are ordered the connect works OK.
3 Add a self-signed CA certificate in the file before the one for server A. The connect fails 'Verify return code: 21 (unable to verify the first certificate)'.
4 Move the self-signed CA certificate after the one for server A. The connect works OK.

Why should the self-signed certificate affect the connection when the required CA certificate is in the certificate file? Is this a bug?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160906/ed3fc2a9/attachment-0001.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux