Timeline for SSL root certificate optional?
Current License: CC BY-SA 3.0
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 12, 2020 at 16:03 | comment | added | NuTTyX | The default behaviour is to send the whole chain. I think they finally made some option to avoid sending the root CA, but since it does not affect any known client, I just leave it like that. It sends an extra cert (around 1kb I think) but it also helps the client to make sure they have the correct root installed on their side. | |
| Nov 12, 2020 at 13:17 | comment | added | Maarten Bodewes | Interesting. does it also send the full chain within the handshake though? | |
| Aug 13, 2014 at 21:57 | history | answered | NuTTyX | CC BY-SA 3.0 |