aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test/make_certs.erl
diff options
context:
space:
mode:
authorMagnus Henoch <[email protected]>2016-01-29 18:47:43 +0000
committerMagnus Henoch <[email protected]>2016-02-17 10:05:26 +0000
commita567dca5ea418a0aaaed8fb4359032b11f28cccd (patch)
tree06e623b56e43f70e14b4019dc8a4783e0f966a1b /lib/ssl/test/make_certs.erl
parent6945881b99aeadaf9ed4ec1f8c7811538cee1405 (diff)
downloadotp-a567dca5ea418a0aaaed8fb4359032b11f28cccd.tar.gz
otp-a567dca5ea418a0aaaed8fb4359032b11f28cccd.tar.bz2
otp-a567dca5ea418a0aaaed8fb4359032b11f28cccd.zip
ssl: with verify_none, accept critical extensions
When establishing a TLS connection with {verify, verify_none}, if the server has a certificate with a critical extension, for example a "Netscape Cert Type" extension, certificate verification would fail, which is surprising given that the name of the option suggests that no verification would be performed. With this change, certificate extensions marked as critical are ignored when using verify_none.
Diffstat (limited to 'lib/ssl/test/make_certs.erl')
0 files changed, 0 insertions, 0 deletions