[xmlsec] clarification on openssl verification

John Crowley johncrowley at aol.com
Thu Sep 21 07:28:40 PDT 2006


xmlSecOpenSSLKeyDataX509VerifyAndExtractKey() checks keyInfoCtx- 
 >flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT to  
determine whether to report error if part of a chain is missing.   
We're testing a self-signed cert and erroneously had something  
missing but xmlsec proceeded without error.

I can't find where xmlsec actually sets such a flag.

Thanks





More information about the xmlsec mailing list