Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
2.3.14
-
None
Description
The SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag is missing from the SSL_CTX_set_verify call. This causes certificate verification to be skipped when the client does not present a certificate even if peer verification is required.