> From: owner-openssl-us...@openssl.org On Behalf Of Francis GASCHET > Sent: Monday, 18 June, 2012 12:06
> In my application, I met some problem when verifying a > certificate which is expired. It worked perfectly in 0.9.8 > and I get the X509_V_ERR_CERT_HAS_EXPIRED error code, <snip> > The same code linked with 1.0.0a gives a completely different > result : The call back is called with 'ok' equal to 0, but > "current_cert" is null and the ctx->error is equal to 0 too. > X509_STORE_load_locations(store, NULL, dir_cacerts), The cert-hash (and crl-hash) algorithm for CAcerts dir in 1.0.0 differs from that used in 0.9.8. Either make another dir and rehash, or use CAfile instead. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
