On Wed, 2009-06-03 at 15:02 -0400, Victor Duchovni wrote: > with SSL_CTX_use_certificate_chain_file() the entire trust chain is > loaded from the provided file bottom-up order. The first certificate > is the leaf and must match the private key provided.
Ah, right. Most files I've encountered have had only the _one_ certificate. The code path you describe seems to be labelled with /* A Thawte special :-) */ throughout the addition and usage of those extra certs -- is that really the way it's _supposed_ to be done? -- dwmw2 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org