OpenSSL_vcb_disambiguation Interface Reference
Detailed Description
OpenSSL has two very different concepts with nearly identical names:
a) A (replaceable) certificate verification function – X509_verify_cert(): This function drives the entire certificate verification algorithm. It can be called directly, but is usually called during SSL_connect(). OpenSSL calls this function a "verification callback function". SSL_CTX_set_cert_verify_callback(3) replaces X509_verify_cert() default.
b) An (optional) certificate verification adjustment callback: This function, if set, is called at the end of (a) to adjust (a) results. It is never called directly, only from (a). OpenSSL calls this function a "verify_callback function". The SSL_CTX_set_verify(3) family of functions sets this function.
The documentation for this interface was generated from the following file:
- src/ssl/support.cc