On Thu May 08 15:49:11 2014, [email protected] wrote: > > I can confirm that with this patch applied my use case with > X509_verify_cert() works as expected (misidentification of signing > certificate as CRL issuer no longer occurs). >
Could you give me more details of this case? If possible if you could send the certificates and CRLs involved (privately if you wish). It may be possible to address this case in X509_verify_cert() itself. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
