On Tue, Oct 30, 2012 at 2:22 PM, Michal Suchanek <[email protected]> wrote:
>> Now for the issue you see. It is because you do not set the flag >> GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. If you set this flag then unsorted >> chains will be sorted prior to verification. The reason you see this >> failure is because this flag is enabled by default on a credentials >> structure, unless it is overridden by other flags as you do. > The verification does not work on gnutls before 3.1 regardless of setting > flags. > Has that default changed in 3.1? The GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN was introduced in 3.1 if this is what you mean. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
