Daniel,
Am 08.10.2009, 22:30 Uhr, schrieb Daniel Veditz <dved...@mozilla.com>:
On 10/7/09 4:00 PM, Guenter wrote:
Hi,
is there any way to overwrite the default behaviour that a remote SSL
host is verified against the CA list in the certdb?
At what level? Assuming you're asking in this newsgroup because you're
writing code to use NSS directly
exactly.
(or through PSM) you could look at what PSM does to create "override"
exceptions and just do that automatically.
I dont use PSM, I need a solution for pure NSS.
And I'm fully aware of any riscs which arise without verifying against a
CA bundle to make sure that the cert's issuer is valid.
So how you deal with self-sgined certificates if you dont want / cant
import the matching CA to the certdb?
Is there really no NSS setting / function which bypasses CA verification
requirement?
Thanks, Günter.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
