"SSL Exception: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"

[toby20130333]

Hi
When I build poco libs with openssl 1.1
I use this poco with branchio sdk
I use the branchio sdk in my project follow the link: https://help.branch.io/developers-hub/docs/windows-cpp-basic-integration

I got the follow errors when i run my app and send custom event with https:

"SSL Exception: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"

thank you

[cyee-branch]

@toby20130333 , can you provide some details on how you are getting the errors ? Perhaps some skeleton code/project so I can investigate ? Thanks.

[cyee-branch]

@toby20130333 , also have you check the validity of your certificate ? An invalid certificate is a likely cause of the error.

[echo-branch]

@toby20130333
While working on an SSL bug in our poco dependency we noticed an issue with SSL verify. The poco library is strictly enforcing revocation chains and failing verification even though the comments say it should not do this. I've opened a PR in an attempt to get this fixed.

https://github.com/pocoproject/poco/pull/3397/files

This should only impact certificates without a valid revocation chain, which could be self signed certs, proxy certs, etc.

[tomyhometown]

It may help, I am working the two-way SSL client side, I don't get this error anymore after I use SSL_set_tlsext_host_name() to set the server name indication ClientHello extension. I get this error because the server side have multiple sets of certificates and it uses server name extension to match.