> On Dec 18, 2019, at 11:10 AM, Jan Just Keijser wrote:
>
> the short answer is no, it does not; the openssl library will let you load
> expired/invalid certificates if you do not do any explicit checks. Use a
> verify_callback and call X509_verify_cert() to check the validity.
The verify cal
On 18/12/19 09:54, Mody, Darshan Arvindkumar (Darshan) wrote:
Hi
We are using SSL_CTX_use_certificate and
SSL_CTX_use_certificate_chain_file APIs to load the certificates.
My query is when we are loading the certificate in the Context does
openssl verify the certificates for e.g. whether th
Hi
We are using SSL_CTX_use_certificate and SSL_CTX_use_certificate_chain_file
APIs to load the certificates.
My query is when we are loading the certificate in the Context does openssl
verify the certificates for e.g. whether the certificate is expired already etc.
Thanks and Regards
Darshan
