The function OCSP_basic_verify
verifies the signer certificate on an OCSP
response. In the case where the (non-default) flag OCSP_NOCHECKS is used then
the response will be positive (meaning a successful verification) even in the
case where the response signing certificate fails to verify.
It is anticipated that most users of OCSP_basic_verify
will not use the
OCSP_NOCHECKS flag. In this case the OCSP_basic_verify
function will return
a negative value (indicating a fatal error) in the case of a certificate
verification failure. The normal expected return value in this case would be 0.
CPE | Name | Operator | Version |
---|---|---|---|
openssl-src | ge | 300.0.0 | |
openssl-src | lt | 300.0.6 |