HI Manoj
if you check the documentation, it shows
18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificatethe
passed certificate is self signed and the same certificate cannot be found
in the list of trusted certificates.
corresponding code can be found in x509_vfy.c, where you need to add the
ceritificate to trusted list.
if (ctx->check_issued(ctx, x, x))
{
/* we have a self signed certificate */
if (sk_X509_num(ctx->chain) == 1)
{
/* We have a single self signed certificate: see if
* we can find it in the store. We must have an exact
* match to avoid possible impersonation.
*/
ok = ctx->get_issuer(&xtmp, ctx, x);
if ((ok <= 0) || X509_cmp(x, xtmp))
{
ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; >> this is the
error you are getting.
ctx->current_cert=x;
ctx->error_depth=i-1;
if (ok == 1) X509_free(xtmp);
bad_chain = 1;
ok=cb(0,ctx);
if (!ok) goto end;
}
else
{
/* We have a match: replace certificate with
store version
* so we get any trust settings.
*/
X509_free(x);
x = xtmp;
(void)sk_X509_set(ctx->chain, i - 1, x);
ctx->last_untrusted=0;
}
}
Thanks
Krishna Mohan.
From: Manoj <manojkpang...@gmail.com>
Reply-To: "openssl-users@openssl.org" <openssl-users@openssl.org>
Date: Friday, 15 November 2013 2:27 PM
To: "openssl-users@openssl.org" <openssl-users@openssl.org>
Subject: Error 18: self signed certificate
self signed certificate
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
