Re: CAPI engine seems to break server validation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Btw, how do you build the CAPI engine in versions of openssl that don't have the enable-capieng configure argument (e.g., 1.0.2u)? I tried -D__COMPILE_CAPIENG, but e_capi.c isn't even being compiled.
Thanks,
Brett S.

On Fri, Oct 23, 2020 at 9:45 AM Matt Caswell <matt@xxxxxxxxxxx> wrote:


On 23/10/2020 14:10, Brett Stahlman wrote:
> It seems that the CAPI engine is breaking the server verification somehow.
> Note that the only reason I'm using the ca-bundle.crt is that I couldn't
> figure out how to get CAPI to load the Windows "ROOT" certificate
> store, which contains the requisite CA certs. Ideally, server
> authentication would use the CA certs in the Windows "ROOT" store, and
> client authentication would use the certs in the Windows "MY" store, but
> CAPI doesn't appear to be loading either one.

This is probably the following issue:

https://github.com/openssl/openssl/issues/8872

Matt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux