thanks a lot for the answer. that makes sense.
Dave Thompson-5 wrote:
>
> OpenSSL implements a self-signed cert as issued by itself
> (which it kind of is) and so won't recognize it if
> KeyUsage is present and does not allow keyCertSign.
>
--
View this message in context:
http://old.nabble
> From: owner-openssl-us...@openssl.org On Behalf Of Pingzhong Li
> Sent: Monday, 20 February, 2012 14:55
> To: openssl-users@openssl.org
> Subject: self signed cert verification is failed
> we have a server which has a self signed certificate, however
> when we tried
> to use openssl to connect
