Hi. I am using X509_STORE_CTX_get1_chain() to construct certificate chain base on local root ca store. Now it works fine.
But when I access this website, https://www.sgetvous.societegenerale.fr/ I get a very strange result. Peer cert subject[/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA] depth[1] error[20] Peer cert subject[/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA] depth[1] error[27] Peer cert subject[/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.talkspirit.com] depth[0] error[27] as above, CN points to *.talkspirit.com, what's this? But https://www.ssllabs.com/ssltest/analyze.html?d=www.sgetvous.societegenerale.fr query result is same as browser shown, certificate is signed by VeriSign. What's the problem, Thanks! -- Rejoice,I Desire! _______________________________________________ openssl-users mailing list openssl-users@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
