On 23/06/15 03:50, Jan Just Keijser wrote: > 1) do we think it's valuable to add something like this (currently NO > cert checks are done when 'client-cert-not-required' is used) ?
sounds like what you really want is for this to be renamed "--verify-client-cert (none|optional|required)" - with the default still being "required" of course - sort of like Apache's SSLVerifyClient -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
