On validation the OpenSSL function SSL_get_verify_result returns
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
The way I understand this X509 error is that your cert doesn't send the CA root authority as part of the X509 cert chain and since FlashFXP doesn't have the CA root authority locally it's unable to validate the cert. This isn't a strong subject for me, I'm not sure if FlashFXP would be able to validate the cert even if it had the CA root authority cert.
Currently FlashFXP is unable to validate this type of cert.
I tested this behavior with a few different ftp clients and I'm not entirely sure if they actually validate this type of cert or just accept it without warning the user.
|