Function SSLSet Enable Cert Verify
Enables or disables peer certificate chain validation.
To disable peer certificate chain validation, you can instead use
to set SSLSet Session Option to true. This will disable verification and cause k SSLSession Option Break On Server Auth to return with an SSLHandshake errSSLServerAuthCompleted result when the peer certificates have been received. Then you can choose to evaluate peer trust yourself or simply call again to proceed with the handshake. SSLHandshake
macOS 10.2–10.9 Deprecated Declaration OSStatus SSLSetEnableCertVerify( context, SSLContext Ref enableVerify);
An SSL session context reference.
A Boolean value specifying whether peer certificate chain validation is enabled. Certificate chain validation is enabled by default. Specify
to disable validation.
By default, Secure Transport attempts to verify the certificate chain during an exchange of peer certificates. If you disable peer certificate chain validation, it is your responsibility to call
upon successful completion of the handshake and then to validate the peer certificate chain before transferring the data. SSLCopy Peer Certificates
You can use the
function to determine the current setting of the SSLGet Enable Cert Verify
enable Verify See Also Legacy Operations SSLNew Context
Creates a new Secure Sockets Layer (SSL) session context.
Deprecated SSLGet Rsa Blinding
Obtains a value indicating whether RSA blinding is enabled.
Deprecated SSLSet Allows Any Root
Specifies whether root certificates from unrecognized certification authorities are allowed.
Deprecated SSLSet Trusted Roots
Augments or replaces the default set of trusted root certificates for this session.