Q: Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?
In more detail: We have customers who issue replacement certificates with the same subject name and different validity periods. We'd like to be able to straightforwardly add the new certificates to the trust list and have them work, but seem to find that certificate verification doesn't handle the case. (Mozilla NSS does seem to handle it.) -- Jordan Brown, Oracle Solaris
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users