
SSL: CA Cert List

Posted: Wed Aug 03, 2016 12:05 pm
by dnishimura
Is there a way to update the CA Cert list without having to regenerate the ccerts.cpp file and recompile each time?

Re: SSL: CA Cert List

Posted: Wed Aug 03, 2016 4:33 pm
by dnishimura
Couple of possible issues (v2.7.6):

Scenario 1) When doing an SSL_connect to a particularly busy server, having verify_peer=true, I get a TCP timeout and it subsequently keeps timing out with each call. However, if I do an SSL_connect with verify_peer=true, then an SSL_connect with verify_peer=false, I'm able to connect, even if I set verify_peer back to true again.

Scenario 2) I created a valid CA cert in the ccerts.cpp file, but not one that is installed on the server I want to connect to. When doing SSL_connect with verify_peer=true, it's able to connect even though the CA cert in ccerts.cpp is different from what is installed on the server. How is SSL_connect verifying?