Initial CRL based revocation checking.
[openssl.git] / ssl / s3_both.c
index 3e98cb0..b4d1b84 100644 (file)
@@ -512,6 +512,7 @@ int ssl_verify_alarm_type(long type)
                {
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
        case X509_V_ERR_UNABLE_TO_GET_CRL:
+       case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
                al=SSL_AD_UNKNOWN_CA;
                break;
        case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: