Fixed now, thanks for the report.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/ope
On Wed Aug 05 01:06:40 2015, m...@bogosian.net wrote:
> Hi Steve,
>
> I've attached three certificate collections: two that fail (where
> subject == issuer) and one that works around the problem (where
> subject != issuer).
OK thanks for the examples. The bug is that OpenSSL 1.0.2 is less strict a
Hi Steve,
I've attached three certificate collections: two that fail (where subject ==
issuer) and one that works around the problem (where subject != issuer). In my
personal testing (on OS X), OpenSSL 0.9.8zd (installed by the OS) works on all
three collections, whereas OpenSSL 1.0.2d (install
On Tue Aug 04 18:25:25 2015, m...@bogosian.net wrote:
>
> Please let me know if you have any questions, and I'd be happy to
> elaborate.
>
Can you attach examples of the two certificates (EE and CA) that exhibit this
problem?
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commerc
Later versions[1] of OpenSSL will (mistakenly) complain that if subject text ==
issuer text, then the certificate is self-signed (even if it isn't).
[1] I haven't narrowed down exactly which; 0.9.8 and 1.0.0 generally don't
exhibit this problem, whereas 1.0.1 and 1.0.2 generally do.
A more deta