Skip to content


Fix defaultCheckCerts. #6

wants to merge 2 commits into from

2 participants


IMHO, this warrants a heads-up at least on web-devel since there may be someone relying on http-conduit to check the certificates.

Also, is http-enumerator still maintained? This fix definitely needs to be backported.


Regarding http-enumerator, done here: snoyberg/http-enumerator#54.


I applied your fix to an older commit, released, and then merged. Thanks!

@snoyberg snoyberg closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 2 additions and 2 deletions.
  1. +1 −1 Network/HTTP/Conduit/Request.hs
  2. +1 −1 http-conduit.cabal
2 Network/HTTP/Conduit/Request.hs
@@ -165,7 +165,7 @@ defaultCheckCerts :: W.Ascii -> [X509] -> IO TLSCertificateUsage
defaultCheckCerts host' certs =
case certificateVerifyDomain (S8.unpack host') certs of
CertificateUsageAccept -> certificateVerifyChain certs
- _ -> return CertificateUsageAccept
+ rejected -> return rejected
instance Default (Request m) where
def = Request
2 http-conduit.cabal
@@ -1,5 +1,5 @@
name: http-conduit
+version: 1.1.2
license: BSD3
license-file: LICENSE
author: Michael Snoyman <>
Something went wrong with that request. Please try again.