Hi Darren, Thanks, I will file a bug on this issue...
Regards, Henry Darren J Moffat ??: > I see from the code that it is passing SSL_VERIFY_NONE to > SSL_CTX_set_verify() > > From the man page: > > > SSL_VERIFY_NONE > Server mode: the server will not send a client > certificate request to the client, so the client will > not send a certificate. > > Client mode: if not using an anonymous cipher (by > default disabled), the server will send a certificate > which will be checked. The result of the certificate > verification process can be checked after the TLS/SSL > handshake using the SSL_get_verify_result(3) function. > The handshake will be continued regardless of the > verification result. > > > This is the answer for the case. Personally I'm not happy with this > however it is what gkrellm does and it answers my question. I would > like the project team to file a bug upstream (if there isn't one > already) to provide functionality to actually verify the server's > SSL/TLS certificate. > > -- > Darren J Moffat
