Hi,
I have a server certificate that has been signed by a certifciate chain
(ie. by my own CA certificate that has been signed by another CA).
What I would like to do is supply just my CA signing certificate and not
any others in the chain to the SSLeay 0.8.1 client for cert
verification, ie. turn it into a non-chaining implementation.
This would mean that my CA cert would be implicitly trusted and any
certificate signed using this would not require any further verification
by travelling along the certificate chain.
I understand this is fairly simple to implement using SSLeay by simply
setting the maximum chain length to 1.
The problem is, after spending alot of time looking I have been unable
to discover where or how I can change the maximum chain length.
Does anybody have any idea of what function(s) I should call (I failed
to find any mention of this in the documents)?
thanks,
Sarah
--
Have you seen the fnords?
Sarah Bateman([EMAIL PROTECTED]), Software Engineer
Client Integration Development, SCO, Vision Park, Cambridge
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
