[strongSwan-dev] query on peer (remote) certificate validation
tobias at strongswan.org
Fri Dec 4 09:31:44 CET 2020
> Does this function
> validate the peer (remote) certificate extensions or validate only local
> certificate extensions?
Validate in what way? Basically, as the name implies, it parses X.509
extensions so they can be accessed via the getters and enumerators of
the x509_t interface. It does this for any certificate that's parsed,
local or remote.
> For validating the peer certificate extensions, do we have any specific
> configuration parameter to enable or it will do by default?
Again, validating what exactly?
More information about the Dev