From c873f3f77da8273e160612468f08892b2ba0ed99 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Tue, 14 Apr 2026 07:58:43 -0500 Subject: [PATCH] Fix from review --- src/x509_str.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/x509_str.c b/src/x509_str.c index 01e9751987..67e3fcae61 100644 --- a/src/x509_str.c +++ b/src/x509_str.c @@ -765,6 +765,10 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx) X509StoreCertIsTrusted(ctx->store, ctx->current_cert, origTrustedSk)) { wolfSSL_sk_X509_push(ctx->chain, ctx->current_cert); + /* Clear error set by the failed X509StoreVerifyCert + * attempt; the partial-chain fallback accepted the + * chain at a caller-trusted certificate. */ + ctx->error = 0; ret = WOLFSSL_SUCCESS; } else { X509VerifyCertSetupRetry(ctx, certs, failedCerts,