hi
thanks a lot....
pls can u explain the reason the behaviour in a little more detail
with regds
ajay kumar
Lutz Jaenicke <[EMAIL PROTECTED]> on 11/12/2002 07:06:28 PM
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc: (bcc: Ajay Kumar Kasam/HSSBLR)
Subject: Re: how to handle certificate chains
On Tue, Nov 12, 2002 at 06:53:22PM +0530, [EMAIL PROTECTED] wrote:
> the problem i'm facing is that......i have server certificate signed by
the
> SubCA and SubCA's certificate signed by the
> root CA..... and i just loaded server certificate in the server side
using
> SSl_CTX_use_certificate_chain_file()
>
>
>
> and
>
> i just loaded rootCA at the client side using
> SSL_CTX_load_verify_locations() and SSL_CTX_set_verify_depth
> i set the depth to 2. In this scenerio, the handshake is successful.
>
> Pls let me know how did client accepted server certificate which is
signed
> by SubCA.
The behaviour is effected by the verify_callback specified in
SSL_CTX_set_verify().
Please check out the manual pages for SSL_CTX_set_verify and
SSL_get_verify_result. This should also answer questions with respect to
the verification depth.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
