On Mon, Jun 08, 2020 at 06:53:32PM +, Neil Proctor via openssl-users wrote:
> Hello,
>
> Specific to OpenSSL v1.0.2p and TLS1.2 are there any flags or options like,
> SSL_CERT_FLAG_TLS_STRICT, that set whether or not the client handshake
> finished hash is verified by the server? Or is this
Hello,
Specific to OpenSSL v1.0.2p and TLS1.2 are there any flags or options like,
SSL_CERT_FLAG_TLS_STRICT, that set whether or not the client handshake finished
hash is verified by the server? Or is this always performed regardless of
configuration?
During some of our testing, it seems that