Re: X509 Verify callback

2010-05-11 Thread David Woodhouse
On Mon, 2010-05-10 at 14:43 -0400, Chris Bare wrote: Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT? My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to the

Re: X509 Verify callback

2010-05-11 Thread Chris Bare
On Mon, 2010-05-10 at 14:43 -0400, Chris Bare wrote: Is there a way to have X509_verify_cert retry its path building after it gets an X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT? My idea is to implement a verify callback that uses the AIA information to download the issuer cert and add it to

Re: X509 Verify callback

2010-05-11 Thread David Woodhouse
On Tue, 2010-05-11 at 09:58 -0400, Chris Bare wrote: That's almost perfect, but doesn't putting it inside the X509_STORE like this tell the rest of the code it's trusted? If I'm downloading it using AIA I can't trust it and still need to chain up to a trusted root. Hm, true. But surely there's

SSL Handshake - Server/Client Write Keys

2010-05-11 Thread Steffan, Nate
Hello, I need to access the server write key and client write key that are generated during the SSL Handshake and I am struggling on how one might do this. I am wondering if anyone has either done this or knows where I should be looking? It looks like they get passed into the cipher, but I do

CA.pl/CA.sh fail - can't create root CA

2010-05-11 Thread asc123
I'm getting a segv when trying to run CA.pl/.sh to create a rootCA: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: unknown option -create_serial usage: ca args -verbose- Talk alot while