> > Hence, if at all, verification requirements must have been lowered in the new OpenSSL version. > > No, it is also the case that the new version now more correctly accepts > some chains as valid that because of bugs, the old version did not. Understood! My reply was related to message only, as I was afraid he might have mistook the problem description. Hence, I wanted to clarify this. I have taken your advice to upgrade to OpenSSL 1.1.0 seriously and did accordingly. We are now using OpenSSL 1.1.0g and everything seems to be doing fine so far. This matter can thus be regarded as solved. Thanks to everyone who contributed! Best regards, Manuel -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
