Hello Tobias, Thank you for the response. I am specifically looking for interfacing my application with charon for getting notification of a failure in the case of a remote certificate parsing failed for key usage extension. Our application uses VICI to pass configuration information to charon. I
Regards Simon On Fri, Dec 4, 2020 at 12:31 AM Tobias Brunner <[email protected]> wrote: > Hi Simon, > > > Does this function > > validate the peer (remote) certificate extensions or validate only local > > certificate extensions? > > Validate in what way? Basically, as the name implies, it parses X.509 > extensions so they can be accessed via the getters and enumerators of > the x509_t interface. It does this for any certificate that's parsed, > local or remote. > > > For validating the peer certificate extensions, do we have any specific > > configuration parameter to enable or it will do by default? > > Again, validating what exactly? > > Regards, > Tobias >
