Hello,
No need to include openssl-dev here.
If A1 and A2 have the same subject, then they are 2 certificates for the
same CA. Therefore, your gateway is right in testing A1 first.
However, if your software is correctly configured, it should also test
A2. That's what OpenSSL does when given a set of CA certificates.
If your gateway software is commercial software, please report this
misbehaviour to the vendor.
--
Erwann ABALEA
On 10/06/2014 09:08, Mukesh Yadav wrote:
Hi,
I have a query about the CA-cert list.
At the gateway we have configured two CA certs, A1 and A2, both having
the same subject and content except for the generation timestamp.
If the peer sends a cert matching A2, the gateway tries to validate it with
A1 (the subject being the same and A1 configured first in the list) and validation fails.
1. Is there a way to avoid adding a cert to the store if the subject and
all contents are the same except the generation timestamp?
2. Or, if not, is there a way to validate the incoming cert against both
certs configured in the store?
Thanks
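
Added example, not part of the original thread: a shell run that reproduces the situation with the `openssl` command line, using a CA file that lists A1 before A2 and a peer certificate issued by A2. Assumptions: the `openssl` CLI is installed, A1 and A2 have different keys, and the subject names, file names and helper functions (`make_demo_pki`, `verify_peer`) are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo: CA names, CN values and file names are placeholders.
# Assumption: A1 and A2 share a subject but have different keys.

make_demo_pki() {   # $1 = empty working directory
    d=$1
    # Own config, so the result does not depend on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name = dn' 'prompt = no' \
        'x509_extensions = v3_ca' '[dn]' 'CN = Example Gateway CA' \
        '[v3_ca]' 'basicConstraints = critical,CA:TRUE' \
        'subjectKeyIdentifier = hash' > "$d/ca.cnf"
    printf 'authorityKeyIdentifier = keyid\n' > "$d/leaf.ext"
    # Two self-signed CA certificates with an identical subject.
    for n in A1 A2; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
            -config "$d/ca.cnf" -keyout "$d/$n.key" -out "$d/$n.pem" \
            2>/dev/null || return 1
    done
    # Peer certificate issued by A2; its AKID points at A2's key.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=peer.example" -keyout "$d/peer.key" \
        -out "$d/peer.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/peer.csr" -CA "$d/A2.pem" -CAkey "$d/A2.key" \
        -CAcreateserial -days 30 -extfile "$d/leaf.ext" \
        -out "$d/peer.pem" 2>/dev/null || return 1
    # Store order as in the question: A1 configured first, then A2.
    cat "$d/A1.pem" "$d/A2.pem" > "$d/both.pem"
}

verify_peer() {     # $1 = working directory, $2 = CA file; prints the verdict
    if openssl verify -CAfile "$1/$2" "$1/peer.pem" 2>/dev/null |
        grep -q ': OK$'; then
        echo trusted
    else
        echo rejected
    fi
}

work=$(mktemp -d) && make_demo_pki "$work" || exit 1
echo "store A1+A2: $(verify_peer "$work" both.pem)"
echo "store A1 only: $(verify_peer "$work" A1.pem)"
```

In this run the peer certificate's authority key identifier matches A2's subject key identifier and not A1's, which is what lets OpenSSL pass over A1 and build the chain to A2.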