Hi Bartosz,
First of all, thank you for volunteering to check this out.
If client trusts a CA which is not universally trusted, is it possible to
find that CA information within the client ? If yes we can use the same CA
to check the certificates, right ?
On Tue, Jun 4, 2013 at 5:07 PM, Bartosz
Hi,
Simply using SSL_get_verify_result() is not a solution here, as it
returns X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY when connecting
to the proprietary servers on my system (I assume I am not being
attacked, you might want to confirm it yourself).
But checking which certificates are accept
Hi Wojtek,
Sorry, I have a doubt. I would like to know how certificate validation is
performed in the proprietary protocol and why something similar cannot be
performed in this case?
On Tue, Jun 4, 2013 at 4:41 AM, Wojtek Kaniewski wrote:
> Dnia 2013-06-02, nie o godzinie 19:02 +0530, Radhesh