Details
-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.3.14
-
Component/s: Core
-
Labels:None
Description
The SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag is missing from the SSL_CTX_set_verify call. This causes certificate verification to be skipped when the client does not present a certificate even if peer verification is required.