[strongSwan-dev] query on peer (remote) certificate validation
simonkbaby at gmail.com
Fri Dec 4 18:26:55 CET 2020
Thank you for the response.
I am specifically looking for interfacing my application with charon for
getting notification of a failure in the case of a remote certificate
parsing failed for key usage extension. Our application uses VICI to pass
configuration information to charon.
On Fri, Dec 4, 2020 at 12:31 AM Tobias Brunner <tobias at strongswan.org>
> Hi Simon,
> > Does this function
> > validate the peer (remote) certificate extensions or validate only local
> > certificate extensions?
> Validate in what way? Basically, as the name implies, it parses X.509
> extensions so they can be accessed via the getters and enumerators of
> the x509_t interface. It does this for any certificate that's parsed,
> local or remote.
> > For validating the peer certificate extensions, do we have any specific
> > configuration parameter to enable or it will do by default?
> Again, validating what exactly?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev