[strongSwan-dev] query on peer (remote) certificate validation
Tobias Brunner
tobias at strongswan.org
Fri Dec 4 09:31:44 CET 2020
Hi Simon,
> Does this function
> validate the peer (remote) certificate extensions or validate only local
> certificate extensions?
Validate in what way? Basically, as the name implies, it parses X.509
extensions so they can be accessed via the getters and enumerators of
the x509_t interface. It does this for any certificate that's parsed,
local or remote.
> For validating the peer certificate extensions, do we have any specific
> configuration parameter to enable or it will do by default?
Again, validating what exactly?
Regards,
Tobias
More information about the Dev
mailing list