tinify-net icon indicating copy to clipboard operation
tinify-net copied to clipboard
verified publisher icon tinify

Allow to skip the CA certificate Validation. This fixes #6

Open joaomatossilva opened this issue 8 years ago • 2 comments

joaomatossilva avatar Feb 15 '17 16:02 joaomatossilva

I'm not sure about this. Shouldn't it be a compile time flag? Very few API users will create a Client directly.

In any case omitting ServerCertificateCustomValidationCallback does not mean that the certificate is not validated, it means that it's validated with the default roots, not the roots supplied in src/Tinify/data/cacert.pem.

rolftimmermans avatar Feb 16 '17 10:02 rolftimmermans

In order to make it a compile time flag, you would need to create two diferent libraries. One with and another one without. I got the impression this was going just to be a fallback while Microsoft has issues with the just supporting the OpenSsl.

By ommitting the ServerCertificateCustomValidationCallback I was just falling back to the originalo behaviour of the HttpClient. Do you mean we should skip validation at all?

joaomatossilva avatar Feb 16 '17 11:02 joaomatossilva