I propose some little modifications to help the reader :
For more coherence,
X509_V_ERR_ERROR_IN_CRL_THIS_UPDATE_FIELD could replace
X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD (I believe that
lastUpdate field doesn't exist in [RFC2459] or [X509], it is thisUpdate).
What field can lead to this message : X509_V_ERR_CRL_NOT_YET_VALID ?
(thisUpdate field is always earlier that the current time, no ?)
In the following array :
static X509_TRUST trstandard[] = {
{X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL},
{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
};
I suppose that
{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}
should be
{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL}
Regards,
Francoise
--
------- Francoise LACAMBRE ------------ BULL SA SD/ComServ ------
Tel : 01 30 80 77 51 (237 7751) Rue Jean Jaures
Fax : 01 30 80 65 40 (237 6540) 78340 Les Clayes-sous-Bois
mailto:[EMAIL PROTECTED] Implantation : FRCL P2/101
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
