Hello,
The proposed patch generalizes a mechanism that currently exist, but is
incomplete.
It now allows to accept all SSL connections that fail for any reason
related to certificate verification or validation.
Could this be included in next release ?
This has a huge impact on the user, as it is possible to give a
meaningful error message in case of a problem (like "your certificate is
revoked"), instead of a network error at SSL level.
The patch is quite simple, and it is used in several major Governmental
servers in Belgium, so we shouldn't expect problems.
Regards,
Nick
