Hello guys,
seen in changelog
The functions X509_STORE_add_cert() now checks for an
exact match, rather than just subject name.
Can someone please explain me how to debug this and make things work?
Maybe because certificates are wrong...or using deprecated api?
PS: the problem with validate peer on ssl connection was solved by setting
the clock properly.
Still need to load the trust chain so I can verify some signed xmls.
Thanks,
Ionut
On Tue, Jan 14, 2014 at 2:52 PM, Putinei .Ionut <putineiio...@gmail.com>wrote:
> Hello guys,
>
> I do not know if this is a openssl issue or curl/xmlsec.
> I have certificates for trust chain (x509) that are not loaded by xmlsec
> and also does not validate peer on ssl connection.
>
> The fails in xmlsec report error at openssl function <X509_STORE_add_cert>
>
> Run environment is arm.
> xmlsec library on host (x86) it works it works ----is same version.
>
> On host openssl is older.....the default version from ubuntu 12.04 and i
> have no problems ..neither with errors from xmlsec neither from curl.
>
> *certifcates have same md5sum both on host and arm environment.
>
>
> If you know a patch that is must apply please share.
>
> Thanks,
> Ionut
>
>
>
>
