It should be possible to use trusted certificates when SSL_CTX_use_certificate_chain_file() is called. Simply replacing PEM_read_bio_X509 with PEM_read_bio_X509_AUX should work. Or is there some reason why this should not be changed?
See also https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208746 -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]