I'm not sure you solved that. This works just because your certificate chain
will have only 1 certificate so no signature verification is done.
kr,
Eugen Sendroiu
- Original Message
From: .:: Francesco la Torre ::. <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Sent: Saturda
It would be helpful if we could see the certificate. My guess is that either
your cert is self signed, in which case you need to treat this case in your
callback, or the certificate you are trying to verify is not signed by the
trust anchor that you provide. Also you must be careful which text
, June 20, 2008 4:49:55 PM
Subject: Re: Server Authentication
Hello Sendroiu,
Thats what i was
asking
How can i get the certificates of CAs
i turst?
Regards
Alok Bhatnagar
- Original Message -
From: Sendroiu Eugen
To: openssl-users@openssl.org
Sent: Friday, June 20, 2
>From what I understand, you need the trust anchors certificate( eg Verisign )
so that you can check the server's certificate against the probably self-signed
Verisign certificate. It is supposed that you have already have the
certificates of
CAs you trust.
If your question is how to find online
If the files are stored locally in a directory, then you can specify to the CTX
the hash directory ( X509_STORE_load_locations(store,hashdir,rootfile) ), but
you need to name your certificate file(s) with the hash of the subject name of
the certificate. Or you could implement your own method: fo
One of the certificates from VeriSign that comes with Firefox is issued in 1996
and it lasts until 2028. That's 30+ years.
- Original Message
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Sent: Thursday, June 5, 2008 8:22:09 PM
Subject: Re: 2038 date limit
