git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Tue, 27 Jan 2015 10:03:29 +0000 (10:03 +0000)
committer	Kurt Roeckx <kurt@roeckx.be>
	Wed, 20 May 2015 21:14:24 +0000 (23:14 +0200)
commit	f7bf8e02dfcb2c02bc12a59276d0a3ba43e6c204
tree	37aaebd9e1297b668377aed51484e69371429756	tree \| snapshot
parent	3b509e8cdc5ca6f42fd66a1325c9d0d23a4103c6	commit \| diff

In certain situations the server provided certificate chain may no longer be valid. However the issuer of the leaf, or some intermediate cert is in fact in the trust store.

When building a trust chain if the first attempt fails, then try to see if
alternate chains could be constructed that are trusted.

RT3637
RT3621

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>

crypto/x509/x509_vfy.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom