Hi folks,
I am using openssl version 4, for a proxy application.
The SSL cache is not working:
In visual debugger, on the first connection it make update of the cache,
and connect.
On a second connection it is checking the cache, not find the
session-id, and then it update again the cache.
I use
At 12:43 04.01.00 +0200, you wrote:
Hello all!
Hello,
For each certificate in chain I do next:
i = X509_verify(x, X509_get_pubkey(x));
For many sites (www.chase.com, www.ubs.com, ...) I have that first
certificate
in chain has unmatched signature (i == 0). Only last certificate (from RSA
)
Yuriy Stul wrote:
Hello all!
For each certificate in chain I do next:
i = X509_verify(x, X509_get_pubkey(x));
For many sites (www.chase.com, www.ubs.com, ...) I have that first certificate
in chain has unmatched signature (i == 0). Only last certificate (from RSA )
has good
Hi,
after stumbling over another cipher-handling bug, I have updated my
"cipher handling patch", which reorganizes the construction of the cipher
list.
Bug Description: When running into an "unexpected" symbol in the cipher
selection string, the selection routine runs into an endless loop.
i = X509_verify(x, X509_get_pubkey(x))
will only succeed on self-signed (CA) certificates like Verisign.
What you need to do is verify the cert using the pubkey of it's issuer:
i = X509_verify(x, X509_get_pubkey(issuer_of_x))
but this will leak memory since X509_get_pubkey(x) adds one to the
Roger Bodén wrote:
I have registered a certificate validation function in my SSL_CTX struct
using SSL_CTX_set_verify method. The callback function takes an int and
an X509_STORE_CTX as input. Somehow I would like to pass some
application data to this function. The ex_data field of
