Verifying server certificate failed?!
Ted Zlatanov
tzz at lifelogs.com
Fri Mar 16 13:00:54 CET 2012
On Thu, 15 Mar 2012 19:05:40 +0100 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
NM> On 03/15/2012 04:19 PM, Sven Geggus wrote:
>> So I definitely think gnutls should be more tolerant about
>> certificates which are not in use but provided anyway.
NM> I don't think this is a good idea. The protocol exactly specifies which
NM> certificates should be present. It does not allow any kind of additional
NM> information to be present so by providing it you violate the protocol.
NM> On the practical side, a simpler parser allows for simpler code and
NM> thus less bugs.
Could the error message be improved, if that doesn't complicate the code
too much?
Ted
More information about the Gnutls-help
mailing list