From 7068c8b1a6b9f88fc96f9de78147a08c16b3639a Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 21 Sep 2003 02:18:15 +0000 Subject: [PATCH] In order to get the expected self signed error when calling X509_verify_cert() in x509.c the cert should not be added to the trusted store. --- apps/x509.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/x509.c b/apps/x509.c index f0ef5596fa..036e255054 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1103,7 +1103,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, else if (!(bs = x509_load_serial(CAfile, serialfile, create))) goto end; - if (!X509_STORE_add_cert(ctx,x)) goto end; +/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/ /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ -- 2.25.1