From 5bf7f2f29806ff808a5a6b52efa06fda6c3c4b86 Mon Sep 17 00:00:00 2001
From: luwenpeng <luwenpeng@zdjizhi.com>
Date: Mon, 14 Dec 2020 17:06:07 +0600
Subject: [PATCH] =?UTF-8?q?TSG-4471=20=E5=B0=86=20self=20signed=20certific?=
 =?UTF-8?q?ate=20in=20certificate=20chain=20=E7=8A=B6=E6=80=81=E7=9A=84?=
 =?UTF-8?q?=E8=AF=81=E4=B9=A6=E5=88=A4=E6=96=AD=E4=B8=BA=20invalid=20issue?=
 =?UTF-8?q?r?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 platform/src/ssl_trusted_cert_storage.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/platform/src/ssl_trusted_cert_storage.cpp b/platform/src/ssl_trusted_cert_storage.cpp
index d4d03f0..4111cd7 100644
--- a/platform/src/ssl_trusted_cert_storage.cpp
+++ b/platform/src/ssl_trusted_cert_storage.cpp
@@ -355,6 +355,7 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 	param = (struct cert_verify_param*)X509_STORE_CTX_get_ex_data(ctx, SSL_EX_DATA_IDX_VERIFY_PARAM);
 	switch(err)
 	{
+		case	X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
 		case	X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
 		case	X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
 			if(param->no_verify_issuer)
@@ -363,7 +364,6 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 			}
 			param->real_untrust |= 0x02;
 			break;
-		case	X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
 		case	X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
 			if(param->no_verify_self_signed)
 			{