Author christian.heimes
Recipients christian.heimes
Date 2013-06-17.18:07:25
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1371492445.72.0.758102030613.issue18233@psf.upfronthosting.co.za>
In-reply-to
Content
As expected it is much harder to get the full certification chain from OpenSSL than I initially expected. SSL_get_peer_cert_chain() doesn't return the root CA's certificate. The new patch introduces a validation mode and uses X509_verify_cert(*X509_STORE_CTX) + X509_STORE_CTX_get1_chain() to build a full chain.
History
Date User Action Args
2013-06-17 18:07:25christian.heimessetrecipients: + christian.heimes
2013-06-17 18:07:25christian.heimessetmessageid: <1371492445.72.0.758102030613.issue18233@psf.upfronthosting.co.za>
2013-06-17 18:07:25christian.heimeslinkissue18233 messages
2013-06-17 18:07:25christian.heimescreate