| Commit message (Collapse) | Author | Age | Files |
|
|
|
|
| |
And pass CA:TRUE as basic constraint. This fixes the test suite with
OpenSSL 3.2 with defaults to X.509v3 and CA:FALSE.
|
|
|
|
| |
To avoid depending on the system default.
|
|
|
|
| |
That way we can avoid using autopkgtest's 'allow-stderr' restriction.
|
|
|
|
|
|
| |
This is controlled by the new 'SSL_hostname' option. The default value
of that option is the value of the 'host' option when it is hostname,
and the empty string (which disables SNI) when it is an IP literal.
|
|
|
|
|
|
|
|
|
|
| |
More precisely, ensure that the certificate Subject Alternative Name
(SAN) or Subject CommonName (CN) matches the hostname or IP literal
specified by the 'host' option. Previously it was only verifying the
chain of trust.
This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version
1.0.2.
|
|
In addition, sign test certificates with the same root CA. Hence
running `make test` now requires OpenSSL 1.1.1 or later.
|