pub fn verify_server_cert_signed_by_trust_anchor(
cert: &ParsedCertificate<'_>,
roots: &RootCertStore,
intermediates: &[CertificateDer<'_>],
now: UnixTime,
supported_algs: &[&dyn SignatureVerificationAlgorithm],
) -> Result<(), Error>展开描述
验证终端实体证书 end_entity 是否为有效的服务器证书
并 chains 到 at least one of the trust anchors in the roots RootCertStore。
This function is primarily useful when building 一个 custom certificate verifier. It
performs no revocation checking。 Implementers must handle this themselves,
along with checking that the server certificate is valid 用于 the subject name
being 用 (see verify_server_name)。
intermediates contains 所有证书 other than end_entity that
were sent as part of the server’s Certificate message. It is in the
same order that the server sent them 并 may be empty.