Hi there,

i've been looking into the sources to find a place where the
cert chain checking is done in terms of the certs span of life.

Downwards the chain each cert should become valid while the issuers
cert is valid.

I thought the right place would be somewhere within x509_vfy.c,
perhaps at check_issued, but the search was in vain.

Any hints?

Christian Weber
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org