Abort GnuTLS certificate check if a cert in the chain is rejected.
GnuTLS is not checking dates because we disabled that in tls_negotiate(). So if we don't do this, rejecting an expired intermediate cert will have no effect. Certstat won't contain an expiration error, and tls_check_preauth() will only look at each subsequent cert in the chain's dates.
-
mentioned in issue #245 (closed)
-
mentioned in commit neomutt/neomutt@c9c5b86e
Please register or sign in to comment