Arno Garrels wrote: > RTT wrote: >> And you are sure the MyServerCert.pem is not, by mistake, self >> signed. > > Very sure.
I misunderstood the purpose of the -untrusted switch completely. Its purpose is to add chain certificates not explicitly trusted. These certificates are used to build up the verify chain internally. For instance: #1 Root cert was in the TrustedCA.pem #2 Intermediate CA cert signed by #1 was NOT in TrustedCA.pem #3 Server cert to be verified signed by #2 You have to add #2 with -untrusted otherwise the verify chain cannot be completed. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be