In order to get the expected self signed error when
calling X509_verify_cert() in x509.c the cert should not be added to the trusted store.
This commit is contained in:
Dr. Stephen Henson
parent
62afa8bd58
commit
5f444c8fcd
1 changed files with 1 additions and 1 deletions
|
|
@ -1145,7 +1145,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
|
|||
else if (!(bs = load_serial(CAfile, serialfile, create)))
|
||||
goto end;
|
||||
|
||||
if (!X509_STORE_add_cert(ctx,x)) goto end;
|
||||
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
|
||||
|
||||
/* NOTE: this certificate can/should be self signed, unless it was
|
||||
* a certificate request in which case it is not. */
|
||||
|
|
|
|||
Loading…
Reference in a new issue