Hello openssl-users,
We came across a change in OpenSSL 1.1.1j that has introduced a regression.
https://github.com/openssl/openssl/pull/13304 and
https://github.com/openssl/openssl/pull/13305 introduced the behaviour
change: when servername callback is set, we suppose that we are
TLS1.3-capable
Question was how to retrieve those lists for any given certificate,
using currently supported OpenSSL APIs.
The lists of usage bits and extusage OIDs in any given certificate
are finite, even if the list of values that could be in other
certificates is infinite.
On 2021-07-16 06:44, Kyle