X509_STORE_load_locations() ignores the return value from
X509_LOOKUP_load_file().
Giving the wrong name of the file containing the CA certificate will not
produce any errors until the code is required to verify a certificate.
Note that the sample callback (verify_callback()) for X509_verify_cert()
always converts NOT_OK to OK if the depth is less than (10). This
doesn't seem to be a good idea. Am I missing something?
I'm using OpenSSL 0.9.2b.
Ron.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
