|
When my client prg tries to verify my self-signed
certs in this way, I have some errors:
server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert); long res = SSL_get_verify_result(ssl); if(res==X509_V_OK) printf("Certificate verification passed...\n"); else printf("Verify return value is: %d\n",res); The result value of the SSL_get_verify_result is always one of this 2: 20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.
18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.
So I guess how I can add or modify the list of trusted certificates.... Thx all. Carlo Medas |
