Hello, After getting an error in the verify callback of my server saying that the presented client certificate is expired, I cannot clear the openssl error stack.
The reason I want to do that is because I want to be able to override (under specific circumstances) the default OpenSSL behavior that rejects a connection from a client who presents an expired certificate. The way I have tried to do that is to return 1 from the verification callback when openssl passes 'ok' argument as 0 (i.e. failed verification). I would expect that returning 1 signifies success and hence the error stack is cleared, however I found out that calling SSL_get_verify_result() after the verification callback still returns an error. Why is that? Please note that I'm using openssl 0.9.8 Thanks a lot in advance, Antonis
_______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
