On Wed, 2009-06-03 at 15:02 -0400, Victor Duchovni wrote:
> with SSL_CTX_use_certificate_chain_file() the entire trust chain is
> loaded from the provided file bottom-up order. The first certificate
> is the leaf and must match the private key provided.
Ah, right. Most files I've encountered have had only the _one_
certificate. The code path you describe seems to be labelled with
/* A Thawte special :-) */
throughout the addition and usage of those extra certs -- is that really
the way it's _supposed_ to be done?
--
dwmw2
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
