Hi,

I searched a lot on google, in the archives, and in the FAQ page, but could not find the differences between verify levels 2 and 3, other than the one line explanation given on the FAQ/man page.

Specifically, I want to ask:
1. Is verify level 3 same as 2, but asks for client certificates as well?  (Seems unlikely but still..)
2. Since verify level 2 also demands CApath/CAfile to be present, then it also is ultimately verifying against locally installed certs, which is supposed to be level 3's behaviour?

Thanks & regards,
Sandeep Kumar
http://web.iiit.ac.in/~sandeep_kr