Re: Fwd: basic constraints check

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

1.0.2j

On Fri, Jun 1, 2018, 3:52 AM Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote:


> On May 31, 2018, at 6:08 PM, Sandeep Deshpande <sandeep.bvb@xxxxxxxxx> wrote:
>
> Hi Rich.. Thanks..
> We want to add a check in our openssl library on client side to reject such server certificate which are generated by the intermediate CA with missing extensions like basic constraints..
> How do we go about it?
>
> I looked at the code. In crypto/x509v3/v3_purp.c I see that check_ca is there. But it is getting called only for server certificate.

Are you using OpenSSL 1.1.0 or OpenSSL 1.0.2?

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux