Clifford Jansen created PROTON-2374: ---------------------------------------
Summary: Windows TLS processing rejects valid V1 X509 certificates Key: PROTON-2374 URL: https://issues.apache.org/jira/browse/PROTON-2374 Project: Qpid Proton Issue Type: Bug Components: cpp-binding, proton-c Affects Versions: proton-c-0.33.0 Environment: Windows Reporter: Clifford Jansen Assignee: Clifford Jansen Proton TLS processing for Windows rejects all Version 1 X509 certificates when verifying a peer in the opening handshake. This is inconsistent with the Posix versions which accept Version 1 certificates without fuss. While some might argue no one should be using V1 certs these days (unless needed by some ancient legacy application carefully isolated in a VPN), there is no outright ban on their use. It is easy enough to end up with V1 certificates using OpenSSL tooling. In the absence of a good argument to exclude V1 certs, this should be fixed and the current tests expanded to include additional certificate chains containing one or more V1 certificates. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org