> levitte> Since -issuer_checks sets the X509_V_FLAG_CB_ISSUER_CHECK flag and > levitte> 'issuer' isn't the issuer of 'x' during those three calls, you can see > levitte> how come the callback gets called those three times. The callback in > levitte> question is the onw in apps/verify.c, which writes those lines you > levitte> saw. > > In other words, you don't need to worry about those lines...
Does this mean that openssl verify command does not check the name chain and if I put the correct value in the issuer of x in apps/verify.c, I would not get the error? or does it check in somewhere else? Sincerely, -Kiyoshi Kiyoshi Watanabe ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
