Hi Simon, > Does this function > validate the peer (remote) certificate extensions or validate only local > certificate extensions?
Validate in what way? Basically, as the name implies, it parses X.509 extensions so they can be accessed via the getters and enumerators of the x509_t interface. It does this for any certificate that's parsed, local or remote. > For validating the peer certificate extensions, do we have any specific > configuration parameter to enable or it will do by default? Again, validating what exactly? Regards, Tobias
