Hi, I have a sample SSLized client server program. I am not using SSL_CTX_load_verify_locations() in the client and still my client is able to connect to the server. I wonder how this could be possible. How would the client be able to authenticate the server certificate without the knowledge of the root CA certificate that signed the server certificate.
The server certificate, as far as I know, is not self signed. (server certificate file is attached). Could someone explain to how my client connects to the server without the knowledge of the root CA? Could someone list down the necessary and sufficient conditions, for a certificate to be considered as self-signed? Thank you, ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails.
svr_cert.pem
Description: Binary data
