Philip Martin <phi...@codematters.co.uk> writes: > In Marc's case getting a new server cert that is not RSASSA-PSS might be > the best solution.
r1822996 fixes the x509 parser on trunk. It doesn't mean that the client will be able to verify the RSASSA-PSS certs (you would need an OpenSSL fix for that) but it does allow a JavaHL client to accept the failure to verify. -- Philip
