Open adamdecaf opened 6 years ago
How about the following flags?
-remote
: Do remote lookups if no local chain is found-all
: Include all certificates (expired, revoked, untrusted)-revoked
-untrusted
-expired
This would likely spur the breakup of Store
I've been brainstorming.
When you're digging around for which CA is used in a particular connection it can get messy. Some CA's offer html pages, but that's not useful in a general sense.
What about a command to show the chains for a given connection? We'd need to include untrusted local CA's to let people whitelist better.
Other tools do this - check into those.