Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
0.24
-
None
-
Windows, SSL
Description
By default, the SChannel package from Microsoft will attempt to guess an appropriate client certificate during SSL/TLS negotiation if a client certificate is requested by the server and none is supplied by the client in its credentials structure. This behavior can be changed to only work with an explicitly specified certificate (if any) by the client.
By doing so, the behavior of clients is made more consistent across platforms and this eliminates unexpected false positives in testing.