Make OCSP response verification more flexible.
If a set of certificates is supplied to OCSP_basic_verify use those in addition to any present in the OCSP response as untrusted CAs when verifying a certificate chain. PR#3668 Reviewed-by:Matt Caswell <matt@openssl.org> (cherry picked from commit 4ca5efc2)
Please register or sign in to comment