|
|
|
|
|
|
by wbond
1353 days ago
|
|
|
Your statement is correct. BadTLS explicitly exists to test certs that you generally should not, but often do, run into in the wild. As a result, most software handles these in poor ways, with error messages that are unhelpful at best. Writing tests that utilize a custom root doesn’t seem all that much work for a library supporting TLS. |
|
|