The function OCSP_basic_verify
verifies the signer certificate on an OCSP
response. In the case where the (non-default) flag OCSP_NOCHECKS is used then
the response will be positive (meaning a successful verification) even in the
case where the response signing certificate fails to verify.
It is anticipated that most users of OCSP_basic_verify
will not use the
OCSP_NOCHECKS flag. In this case the OCSP_basic_verify
function will return
a negative value (indicating a fatal error) in the case of a certificate
verification failure. The normal expected return value in this case would be 0.
{ "license": "CC0-1.0" }