> > Hence, if at all, verification requirements must have been lowered in the 
> > new OpenSSL version.
> 
> No, it is also the case that the new version now more correctly accepts 
> some chains as valid that because of bugs, the old version did not.

Understood! My reply was related to message only, as I was afraid he might have 
mistook the problem description. Hence, I wanted to clarify this.

I have taken your advice to upgrade to OpenSSL 1.1.0 seriously and did 
accordingly. We are now using OpenSSL 1.1.0g and everything seems to be doing 
fine so far. This matter can thus be regarded as solved.

Thanks to everyone who contributed!

Best regards,
Manuel
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to