-
Kevin J. McCarthy authored
Accept a saved cert at any point in the chain, except for those revoked or with invalid dates. The INSECUREALG processing was a bit goofed up. It was skipping the prompt for every chain except the host, and was only displaying an error for entry 1 (the host being 0, root being len-1). Instead prompt at any point, and display a warning as with the other errors. Add a CERTERR_OTHER type to capture other bits. Recently GnuTLS has added additional certificate_status_t types. We may want to improve the prompts in the future for those, but for now at least make sure it's recorded in certerr.
d6581efc