From 5f444c8fcd2338477c988c775c847624284638b9 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 21 Sep 2003 02:15:07 +0000 Subject: [PATCH] In order to get the expected self signed error when calling X509_verify_cert() in x509.c the cert should not be added to the trusted store. --- apps/x509.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/x509.c b/apps/x509.c index 66f0074f45..2020b51de0 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1145,7 +1145,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, else if (!(bs = load_serial(CAfile, serialfile, create))) goto end; - if (!X509_STORE_add_cert(ctx,x)) goto end; +/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/ /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ -- 2.25.1