Topic: [SOLVED] Client verification failing
When the server has the root cert only but client sends the rest of the chain, is verification supposed to work?
Client cert chain: A(root) -> B(intermediate) -> C(end entity)
Server loads A-only as trust anchor
Client sends chain: C-B or C-B-A
Server sends
01E4463837F0000:error:0A000418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:ssl/record/rec_layer_s3.c:1586:SSL alert number 48
wolfSSL v5.6.6-stable configured with --enable-distro --enable-pkcs11
[UPDATE] My bad: the client was sending cert C only, sorry for the noise