|Vincent Hanquez db1232aea8 remove warnings, add some more #ifdef.||7 years ago|
|core||7 years ago|
|debug||7 years ago|
|extra||7 years ago|
|test-scripts||7 years ago|
|.gitignore||8 years ago|
|LICENSE||7 years ago|
|README.md||7 years ago|
|TODO||7 years ago|
This library provide native Haskell TLS and SSL protocol implementation for server and client.
This provides a high-level implementation of a sensitive security protocol, eliminating a common set of security issues through the use of the advanced type system, high level constructions and common Haskell features.
The tools mentioned below are all available from the tls-debug package.
It’s useful to run the following command, which will connect to the destination and retrieve the certificate chained used.
tls-retrievecertificate -d <destination> -p <port> -v -c
As an output it will print every certificates in the chain and will gives the issuer and subjects of each. It creates a chain where issuer of certificate is the subject of the next certificate part of the chain:
(subject #1, issuer #2) -> (subject #2, issuer #3) -> (subject #3, issuer #3)
A “CA is unknown” error indicates that your system doesn’t have a certificate in the trusted store belonging to any of the node of the chain.