Following command always fails. I believe the behaviour is not what we
want. I attached a patch against s_client, s_server and s_time. Other
commands might also be suffered from the safe problem.
openssl s_client -verify 0 -connect somewhere
diff -Nru openssl-SNAP-20040330.orig/apps/s_client.c
I wrote new c_rehash in C which can handle a PEM file which contains
multiple certificates or CRLs. For example my multi_c_rehash can do
this:
% ls ~/certs
ca.pem friends-ca.pem new-crl.pem
% multi_c_rehash ~/certs
Doing /home/me/certs
ca.pem = 8e6e2991.0 4f19d2b4.0 43d4bde2.0 db65db21.0