Arno Garrels wrote:
> RTT wrote:
>> And you are sure the MyServerCert.pem is not, by mistake,  self
>> signed.
> Very sure.

I misunderstood the purpose of the -untrusted switch completely.
Its purpose is to add chain certificates not explicitly trusted.
These certificates are used to build up the verify chain internally.
For instance:
#1 Root cert was in the TrustedCA.pem    
#2 Intermediate CA cert signed by #1 was NOT in TrustedCA.pem
#3 Server cert to be verified signed by #2  

You have to add #2 with -untrusted otherwise the verify chain 
cannot be completed. 
Arno Garrels

To unsubscribe or change your settings for TWSocket mailing list
please goto
Visit our website at

Reply via email to