Quoth Mr Benjamin Kaduk: 'That's generally the default server behavior when no CAs are configured for that purpose. But, (1) I thought you were looking at the client side, and (2) how to configure the server depends on what software is used on the server, so there's not much more to say right now.' It was on the client side. I'm running sendmail as a client to relay mail that originates on my computer through gmail. When I request a certificate from gmail I get that message in the return (along with a certificate). It may not matter. It doesn't keep me from sending mail through gmail. I just wanted to understand it. When I send mail through gmail, sendmail reports 'verify=FAIL'. I hoped to make that not happen. Quoth Mr Viktor Dukhovni: 'https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_client_CA_list.html That's the same as the man page I already have. 'Just pass a NULL stack.' Is there an app with which I can do this or do I have to write a program? Not that I can't do that. russell bell -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
