There is an known issue with SSL_CTX_use_certificate_chain_file
where it checks the error stack after calling SSL_CTX_use_certificate,
even if a successful return was reported.

A previous SSL error on the same thread can cause SSL_CTX_use_certificate_chain_file to always fail.

A work-around is to call ERR_clear_error() to clear the per-thread error queue
before calling SSL_CTX_use_certificate_chain_file.

I found the above reference only after having identified the problem.

Could an entry be made in the FAQ identifying the problem, and the work-around?


__________________________________________________ ____________________
OpenSSL Project
Development Mailing List
Automated List Manager