Magnus Bodin
3/30/2005 8:21:00 AM
On Wed, Mar 30, 2005 at 03:21:36PM +0900, leon breedt wrote:
>
> I.e. what are you supposed to do when you have two certificates in the
> same "store" with the same hash, but entirely different DN's?
> Increment it to .1?
Yes.
As it says in the openssl srcdocs; (doc/ssl/SSL_CTX_load_verify_locations.pod)
"If more than one CA certificate with the same name hash value exist, the
extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search
is performed in the ordering of the extension number, regardless of other
properties of the certificates."
-- magnus