Open zacikpa opened 2 years ago
OpenSSL does not return any error message for the unable_to_get_crl example chain. It should return X509_V_ERR_UNABLE_TO_GET_CRL.
unable_to_get_crl
X509_V_ERR_UNABLE_TO_GET_CRL
Possible culprit might be the load_cert_crl_http function in validation/client/openssl/client.c. Its return value might not be processed properly.
load_cert_crl_http
validation/client/openssl/client.c
Nice catch, may be a possible bug in the library. Worth investigating.
OpenSSL does not return any error message for the
unable_to_get_crl
example chain. It should returnX509_V_ERR_UNABLE_TO_GET_CRL
.Possible culprit might be the
load_cert_crl_http
function invalidation/client/openssl/client.c
. Its return value might not be processed properly.