I agree that this should be done but there are quite a few cases to cover.
The exit code could be modified to represent the actual verify error. This is possible because code 1 is used for other errors and is not a valid verify failure reason. However theres also the issue of what should happen if multiple certificates are verified: should it check all the certificates (as it currently does) and have the exit code represent the first error or halt on the first error with a failure code? I'd suggest this behaviour is made controllable via some new command line options. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
