On Thu, Aug 16, 2001 at 04:47:18PM +0200, Carlo Medas wrote:
> server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
>
> long res = SSL_get_verify_result(ssl);
...
> The result value of the SSL_get_verify_result is always one of this 2:
>
> 20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer
>certificate
>
> the issuer certificate of a locally looked up certificate could not be found. This
>
> normally means the list of trusted certificates is not complete.
...
> 18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate
>
> the passed certificate is self signed and the same certificate cannot be found in the
>
> list of trusted certificates.
>
> So I guess how I can add or modify the list of trusted certificates....
man SSL_CTX_load_verify_locations.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
