On Sat, 28 Aug 2021 16:09:35 -0400
Matthew Gillen <[email protected]> wrote:
> That seems like a very odd thing to do. The server certificate is
> provided as part of the TLS handshake, every single time you connect.
> There is no point in caching it for performance reasons. Maybe they
> are trying to do a poor-man's certificate pinning, and their
> implementation is bad? That's the only thing I can think of that
> would make storing the server cert useful in any way.
Apparently so:
certificates
When this option is enabled, the server certificate can be
accepted and stored, in order to validate the authenticity
of the server in future connections. This variable takes a
boolean as a value. Default is “true”.
--
Rich Pieri
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
