240 			-- No TLSA matched or response was bogus

   240 			-- No TLSA matched or response was bogus

   241 			local why = "No TLSA matched certificate";

   241 			local why = "No TLSA matched certificate";

   242 			if dane.bogus then

   242 			if dane.bogus then

   243 				why = "Bogus: "..tostring(dane.bogus);

   243 				why = "Bogus: "..tostring(dane.bogus);

   244 			end

   244 			end

   246 			session.cert_identity_status = "invalid";

   246 			session.cert_identity_status = "invalid";

   247 			session.cert_chain_status = "invalid";

   247 			session.cert_chain_status = "invalid";

   248 		end

   248 		end

   249 	else

   249 	else

   250 		if session.cert_chain_status == "valid" and session.cert_identity_status ~= "valid"

   250 		if session.cert_chain_status == "valid" and session.cert_identity_status ~= "valid"