WolfSSL v5.0.0 includes an added build option to configure wolfSSL with the alternate certificate chain feature enabled! Default wolfSSL behavior is to require validation of all presented peer certificates. This also allows loading intermediate Certificate Authorities (CA’s) as trusted and ignoring no signer failures for CA’s up the chain to root. Enabling alternate certificate chain mode only requires that the peer certificate validate to a trusted CA.
The newly added build improvement allows the option --enable-altcertchains
to be appended to the ./configure
script to build the wolfSSL library with alternate certificate chain mode enabled.
More information on building wolfSSL can be found in the wolfSSL manual.
Access the wolfSSL GitHub page here: https://github.com/wolfSSL/wolfssl
Need more? Subscribe to our YouTube channel for access to wolfSSL webinars!
If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.