Didn't see any reply, thought I will ask one simpler questions again. If for one root Certificate, there are both expired and unexpired cert (same DN) at the CA file, which one will be used during certificate verification? >From testing, if there are only those 2 certs at the CA file, the certificate at later of CA file will be used. However if there are quite a few certs at the CA file, this doesn't hold any more, it seems that the sequence at the CA file doesn't matter any more. Could any one shed some lights on this?
-- View this message in context: http://old.nabble.com/strange-behavior-of-self-signed-cert-%E2%80%9CVeriSign-Class-3-Public-Primary-Certification-Authority---G5%E2%80%9D.-tp30506166p30507116.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
