>> Scenario 1 - Failing case
>>
>> SSL_CTX_use_certificate_file() : Loaded cert_file
>> SSL_CTX_use_certificate_chain_file() : Loaded chain_file
>
> Doing this makes no sense.  If you're loading the complete chain
> file, there's no reason to first load just the certificate.
>
> Just use SSL_CTX_use_certificate_chain_file(3), debugging incorrect
> usage is not a good use of time.

The best I can tell, its not an correct configuration. The NOTES
section says SSL_CTX_use_certificate_chain_file should be preferred,
but its not forbidden. Confer,
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_use_certificate.html
.

Perhaps its best to address the problem rather than attacking the
user. Its OK to disregard the feedback you are getting, but please
don't attack the users.

Jeff
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to