You are asking two different questions. The certificates that the *client* sends are specified by the various “use certficiate” API’s. No chain is built. See doc/man3/SSL_CTX_use_certificate.pod, especially the “use certificate chain file” API.
As for what the *server* does, it tries to use what the client sends and build a chain up to one of the certificates that is in the local, server, trust store. The API’s are a bit different for 1.0.2 than for 1.1.0
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
