-
Notifications
You must be signed in to change notification settings - Fork 177
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
using OpenSSL disables certificate checks by default? #937
Comments
quinnj
added a commit
to JuliaWeb/OpenSSL.jl
that referenced
this issue
Oct 17, 2022
quinnj
added a commit
to JuliaWeb/OpenSSL.jl
that referenced
this issue
Oct 17, 2022
…tion (#5) As reported in JuliaWeb/HTTP.jl#937.
quinnj
added a commit
that referenced
this issue
Oct 17, 2022
Fixes #937. There's a corresponding [OpenSSL PR](JuliaWeb/OpenSSL.jl#5) that fixes the actual verification bug, but I noticed some cleanup needed along the way. Notably: * Fix issue if you were using OpenSSL w/ a proxy, we would try to do the proxy upgrade still using MbedTLS * Create a default global `OpenSSL.SSLContext` that gets reused for every individual connection (as intended by the library)
quinnj
added a commit
that referenced
this issue
Oct 17, 2022
* Cleanup OpenSSL implementation Fixes #937. There's a corresponding [OpenSSL PR](JuliaWeb/OpenSSL.jl#5) that fixes the actual verification bug, but I noticed some cleanup needed along the way. Notably: * Fix issue if you were using OpenSSL w/ a proxy, we would try to do the proxy upgrade still using MbedTLS * Create a default global `OpenSSL.SSLContext` that gets reused for every individual connection (as intended by the library) * bump OpenSSL compat
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When not using OpenSSL, HTTP client requests check for validity of server certificate.
But they don't seem to be doing that when OpenSSL is used:
The text was updated successfully, but these errors were encountered: