search

digitalbazaar / forge

A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
https://digitalbazaar.com/
Other
5.05k stars 779 forks source link

verifyCertificateChain fails on certificates that should not #1055

Open YurkoWasHere opened 11 months ago

YurkoWasHere commented 11 months ago

This verify sequence fails but they should succeed (works on openssl)

let caStore = forge.pki.createCaStore([certificate_ark])
alert(forge.pki.verifyCertificateChain(caStore,[certificate_ask]));

Certificates in question in pem format. First one in the list is ASK second one is ARK ask_ark_milan.txt