Does anyone know of a good, complete implementation of the verify callback? The CB that's passed to the SSL_CTX_set_verify() function.
The versions I've looked at, in the openssl source tree, don't seem all that complete. My callback is experiencing the error, X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, and I've not seen any methods that will help me in evaluating if this self-signed cert is valid. It *should* be the same self-signed root as I set up using SSL_CTX_add_extra_chain_cert(), but I assume that since the callback is being called with this error, it is up to me to somehow validate the certificate in question? How does one go about doing that? Thanks in advance, -lee ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]