Philip Guenther wrote: > On Wed, 13 Jan 2010, Michael Ströder wrote: >> Howard Chu wrote: >>> Michael Ströder wrote: >>>> Howard Chu wrote: >>>>> Show the output with debugging enabled. Note that "localhost" is >>>>> treated specially, and will be replaced by the local hostname >>>>> instead of being used directly in the name comparison. >>>> >>>> Why that? I strongly dislike automagic things when doing security checks. >>> >>> Probably because "localhost" is useless in an actual cert from a remote >>> server. >> >> Yes. But nothing prevents the client from providing the correct >> hostname. > > True, so why didn't you? :-)
I'm not the original poster having an issue. Ciao, Michael.
