例如,失败的信任验证可能只是意味着没有可信任的证书。
For example, a failed trust verification could simply mean that the trust certificate is not available.
如果证书未经可信任的证书颁发机构签名,并且您信任此机构,您可以增加证书签名。
If the certificate was not signed by a trusted certification authority, you can add the certification authority if you trust the authority.
要想增加一个可信任的证书颁发机构,浏览到证书错误页面,并且点击InternetExplorer地址栏中的CertificateError按钮。
To add a Trusted certification authority, continue navigation from the Certificate Error page, and then click the Certificate Error button in the Internet Explorer address bar.
这里要用到三个参数:上下文指针、可信任库文件的路径和文件名,以及证书所在目录的路径。
This takes three parameters: the context pointer, the path and the filename of the trust store file, and a path to a directory of certificates.
要检验证书是可信任的,需要在连接建立之前提前加载一个可信任证书库。
Verifying that the certificate is trusted requires that a trust certificate store be loaded prior to establishing the connection.
处理:确保您在使用由可信任的根证书颁发机构颁发的有效的、非过期的安全证书。
Workaround: Ensure that you are using valid, non-expired security certificates issued by a trusted root certification authority.
必须指定可信任库文件或证书的目录。
One of either the trust store file or directory of certificates must be specified.
如果不能确认证书是可信任的,那么openssl会将证书标记为无效(但连接仍可以继续)。
If the certificate cannot be verified for trust, OpenSSL flags the certificate as invalid (but the connection can still continue).
数字证书的可信任性取决于数字签名本身的有效性。
The validity of digital certificate depends on the digital signatures.
数字证书的可信任性取决于数字签名本身的有效性。
The validity of digital certificate depends on the digital signatures.
应用推荐