Re: X509 Verify callback

2010-05-11 Thread David Woodhouse
On Tue, 2010-05-11 at 09:58 -0400, Chris Bare wrote:
> That's almost perfect, but doesn't putting it inside the X509_STORE like this tell the rest of the code it's trusted? If I'm downloading it using AIA I can't trust it and still need to chain up to a trusted root.

Hm, true. But surely there

Re: X509 Verify callback

2010-05-11 Thread Chris Bare
> On Mon, 2010-05-10 at 14:43 -0400, Chris Bare wrote:
> > Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT?
> > My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add

Re: X509 Verify callback

2010-05-11 Thread David Woodhouse
On Mon, 2010-05-10 at 14:43 -0400, Chris Bare wrote:
> Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT?
> My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to the

Re: X509 Verify callback

2010-05-10 Thread Chris Bare
> On 05/10/2010 08:43 PM, Chris Bare wrote:
> > Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT?
> > My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to the

Re: X509 Verify callback

2010-05-10 Thread Peter Sylvester
On 05/10/2010 08:43 PM, Chris Bare wrote:
> Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT? My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to the stack of untrust

X509 Verify callback

2010-05-10 Thread Chris Bare
Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT? My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to the stack of untrusted certs. Is this possible, or would I have