[stunnel-users] Why does verify=3 require the entire cert chain to be present in cafile?

• Next message (by thread): [stunnel-users] Why does verify=3 require the entire cert chain to be present in cafile?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/15/2011 6:37 AM, al_9x at yahoo.com wrote:
> If the leaf (server) cert is declared trusted (added to the cafile), 
> there is no point in walking the trust chain.

Michal Trojnara, can you comment please?  Can you support a mode of 
validation that allows one to trust the server certificate, without 
having to add the whole chain?

• Next message (by thread): [stunnel-users] Why does verify=3 require the entire cert chain to be present in cafile?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]