I am using SSL_CTX_use_certificate_chain_file() to load the certificate chain.
Due to some issue, my certificate chain file has the following (please look at
the stray character "?")
-----BEGIN CERTIFICATE-----
Base-64 data of server
-----END CERTIFICATE-----
?-----BEGIN CERTIFICATE-----
Base-64 data of Int CA
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Base-64 data of Root CA
-----END CERTIFICATE-----
?
I see that the certificate immediately following the "?" is getting not
delivered during handshake; in this case certificate of Intermediate CA.
Was going through https://www.irt.org/rfc/rfc7468.htm
############################################################### Textual
encoding begins with a line comprising "-----BEGIN ", a
label, and "-----", and ends with a line comprising "-----END ", a
label, and "-----". Between these lines, or "encapsulation
boundaries", are base64-encoded data according to Section 4 of
[RFC4648]. (PEM [RFC1421] referred to this data as the "encapsulated
Josefsson & Leonard Standards Track [Page 3]
RFC 7468 PKIX Textual Encodings April 2015
text portion".) Data before the encapsulation boundaries are
permitted, and parsers MUST NOT malfunction when processing such
data.########################################################################Could
someone please comment on this one?
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
