> On Mar 31, 2021, at 1:49 AM, Nan Xiao <xiaonan830818@xxxxxxxxx> wrote: > > The connection is successful, but the ssl->verify_result is 18, i.e., > X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT. I am a little confused why > OpenSSL reports google's certificate is "self-signed"? And it should > be not. Most likely you haven't configured a suitable CAfile and/or CApath, which contains the root CA that ultimately issued Google's certificate. It looks like Google includes a self-signed root CA in the wire certificate chain, and if no match is found in the trust store, you'll get the reported error. -- Viktor.
