I wondered if perhaps there were path or filename specification problems (need to escape backslashes? a problem with embedded spaces?) but I eliminated all of those variables -- put the certificate with a "simple" name in the current path.
What do I look for? How do I get more granularity than "unable to get local issuer certificate"? I'm using a pre-built Windows distribution of OpenSSL 1.0.1c. It will take some re-arrangement to be able to trace into OpenSSL. 64-bit Windows, if that matters. Charles -----Original Message----- From: Charles Mills [mailto:charl...@mcn.org] Sent: Friday, August 10, 2012 8:54 PM To: 'openssl-users@openssl.org' Subject: RE: CA for IIS-issued self-signed certificate? > If you ... subsequently call set_default_verify_paths, the later call overrides and > (only) the default file and/or directory are used. Thanks. I wondered about that. I commented it out though and still get exactly the same result. I also added a certificate verify callback. I come through there and get err 20:unable to get local issuer certificate Charles ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
