This affects all ref-counted objects: X509, X509_REQ and X509_CRL and the functions d2i_X509(), d2i_X509_ALT(), d2i_X509_REQ(), d2i_X509_CRL and further complicates the semantic of corresponding PEM_read_ function family similar to #2278...
unzip ca_and_ocsp_demo.zip openssl x509 -text -in root-ocsp.crt openssl x509 -text -in root-ca.crt So anyway - if I should wind my proverbial neck back in and keep trialling with version 1.1.1 or watch this case for closure? (As I say happy to help with testing fixes but I ...