On Tue, Aug 09, 2016 at 01:45:24AM +0000, William M Edmonds via RT wrote: > If I specify a CAfile that includes the leaf certificate and/or > intermediate CA certificates, but not the root certificate, then > verification fails.
As expected, unless you use the "-partial" flag in the command-line utilities, or use the X509_VERIFY_PARAM_set_flags() to set the X509_V_FLAG_PARTIAL_CHAIN flag when using the API. This ticket should be closed. -- Viktor. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev