Hi,
In case of certificate verification failures I'd like to include the verification error message ("certificate has expired", "unable to get issuer certificate", ...) in the diagnostic errormessage. For that I need pass the tls_session* as an extra argument to the TI_session_errmsg functions (for openssl I need the SSL* handle to get the verification error). Does anyone see a problem with this?
Ralf Haferkamp wrote:
Hi,
In case of certificate verification failures I'd like to include the verification error message ("certificate has expired", "unable to get issuer certificate", ...) in the diagnostic errormessage. For that I need pass the tls_session* as an extra argument to the TI_session_errmsg functions (for openssl I need the SSL* handle to get the verification error). Does anyone see a problem with this?
No problem, that's a completely internal API, can change as needed.
-
Howard Chu -
Ralf Haferkamp