From: Dr. Stephen Henson <steve@openssl.org>
Date: Sun, 21 Sep 2003 02:12:36 +0000 (+0000)
Subject: In order to get the expected self signed error when
X-Git-Tag: BEN_FIPS_TEST_1~20
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a26be0386e94a6e3f2322667643e5fd33f31d575;p=openssl

In order to get the expected self signed error when
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.
---

diff --git a/apps/x509.c b/apps/x509.c
index 66f0074f45..2020b51de0 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1145,7 +1145,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
 	else if (!(bs = load_serial(CAfile, serialfile, create)))
 		goto end;
 
-	if (!X509_STORE_add_cert(ctx,x)) goto end;
+/*	if (!X509_STORE_add_cert(ctx,x)) goto end;*/
 
 	/* NOTE: this certificate can/should be self signed, unless it was
 	 * a certificate request in which case it is not. */