projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3b509e8) | patch
In certain situations the server provided certificate chain may no longer be valid...
authorMatt Caswell <matt@openssl.org>
Tue, 27 Jan 2015 10:03:29 +0000 (10:03 +0000)
committerKurt Roeckx <kurt@roeckx.be>
Wed, 20 May 2015 21:14:24 +0000 (23:14 +0200)
commitf7bf8e02dfcb2c02bc12a59276d0a3ba43e6c204
tree37aaebd9e1297b668377aed51484e69371429756tree | snapshot
parent3b509e8cdc5ca6f42fd66a1325c9d0d23a4103c6commit | diff
In certain situations the server provided certificate chain may no longer be valid. However the issuer of the leaf, or some intermediate cert is in fact in the trust store.

When building a trust chain if the first attempt fails, then try to see if
alternate chains could be constructed that are trusted.

RT3637
RT3621

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
crypto/x509/x509_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.