Re: [exim-dev] tls_verify_certificates forced failure vs. em…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Jeremy Harris
Dátum:  
Címzett: exim-dev
Új témák: [exim-dev] Should we always load the default trust store? (was: tls_verify_certificates forced failure vs. empty) string
Tárgy: Re: [exim-dev] tls_verify_certificates forced failure vs. empty string
On 25/11/14 07:06, Heiko Schlittermann wrote:
> (Originally I wanted to complain about loading the
> default CAs, but now it's documented at least.)


As you probably also saw, I added in 4.next a way of
saying "just use the system default bundle". I've
not changed the current behaviour with OpenSSL on
loading both the default and the specified CAs though;
do you think there is a need for that?

The OpenSSL and GnuTLS implementations behave differently
in this respect.
--
Cheers,
Jeremy