Re: [exim-dev] tls_verify_certificates forced failure vs. em…

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Jeremy Harris
日付:  
To: exim-dev
新しいトピック: [exim-dev] Should we always load the default trust store? (was: tls_verify_certificates forced failure vs. empty) string
題目: Re: [exim-dev] tls_verify_certificates forced failure vs. empty string
On 25/11/14 07:06, Heiko Schlittermann wrote:
> (Originally I wanted to complain about loading the
> default CAs, but now it's documented at least.)


As you probably also saw, I added in 4.next a way of
saying "just use the system default bundle". I've
not changed the current behaviour with OpenSSL on
loading both the default and the specified CAs though;
do you think there is a need for that?

The OpenSSL and GnuTLS implementations behave differently
in this respect.
--
Cheers,
Jeremy