Orginally I was using SSL_get_peer_cert_chain() func, which I though
was giving me the cert chain built up to verify the peer cert from the certs that i added to the SSL_CTX->cert_store , but then I discovered that it really is the cert chain given by the client during the TLS handshake. That ssl_verify_cert_chain throws away the chain built up in X509_verify_cert. Am I correct that if I need to traverse the cert chain that used to validate the peer cert , post handshake, I need to do the same steps as ssl_verify_cert_chain() in my code, so as to get a cert chain so I can utilize for my post validation. Or am my miss reading the code. --
Charlie Lenahan Software Engineer | [EMAIL PROTECTED] | P. 813 288 7388 x121 | F. 813 288 7389 Fortress Technologies | 4023 Tampa Road, Suite 2000 | Oldsmar, FL 34677 IM: [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] | SKYPE: sonicbison |