Certificate validation script does not deal well with root-certs being sent by server

Description

Currently, the validate-certs script in policy does not deal well with certain certificate chains, where the trust-anchor is being sent by the server. We should be able to fix this by removing the trust-anchor automatically from the chain; solving this might potentially change the way root-certs are currently being loaded into Bro.

Example server: access.redhat.com

Environment

None

Assignee

Johanna Amann

Reporter

Johanna Amann

Labels

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Normal
Configure