equal
deleted
inserted
replaced
923 for i, e in pairs(session.cert_chain_errors) do |
923 for i, e in pairs(session.cert_chain_errors) do |
924 if i > 2 then chain_errors:add_list(e); end |
924 if i > 2 then chain_errors:add_list(e); end |
925 end |
925 end |
926 if chain_errors:contains("certificate has expired") then |
926 if chain_errors:contains("certificate has expired") then |
927 return "has an expired certificate chain"; |
927 return "has an expired certificate chain"; |
|
928 elseif chain_errors:contains("No matching DANE TLSA records") then |
|
929 return "does not match any DANE TLSA records"; |
928 end |
930 end |
929 end |
931 end |
930 return "is not trusted"; -- for some other reason |
932 return "is not trusted"; -- for some other reason |
931 elseif session.cert_identity_status == "invalid" then |
933 elseif session.cert_identity_status == "invalid" then |
932 return "is not valid for this name"; |
934 return "is not valid for this name"; |