summaryrefslogtreecommitdiffstats
path: root/test/certs/ca-cert-768.pem (follow)
Commit message (Collapse)AuthorAgeFilesLines
* make various test CA certs RFC 5280 compliant w.r.t. X509 extensionsDr. David von Oheimb2021-01-201-11/+11
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13719)
* Move peer chain security checks into x509_vfy.cViktor Dukhovni2016-04-031-0/+15
A new X509_VERIFY_PARAM_set_auth_level() function sets the authentication security level. For verification of SSL peers, this is automatically set from the SSL security level. Otherwise, for now, the authentication security level remains at (effectively) 0 by default. The new "-auth_level" verify(1) option is available in all the command-line tools that support the standard verify(1) options. New verify(1) tests added to check enforcement of chain signature and public key security levels. Also added new tests of enforcement of the verify_depth limit. Updated documentation. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>