Dear users,
We are currently using Apache 2.2.22 (mod_ssl 2.2.22, OpenSSL/0.9.8t) and we have a security concern since developers
are able to bypass the SSL certificate verification when using HTTPS calls. Kindly advise what configuration is needed to enforce the certificate verification? In other words should anyone tries to bypass this verification, the call fails returning some kind
of error code.
Please note that our environment is a simple one; it consists of one web server with no proxies.
Your help is greatly appreciated.
Regards,
| Nizar Belmona | |
| Deputy Section Head | |
| Card Management System Department | CSCBank SAL |  |
| t +961 1 742555 | ext. 1647 | f +961 1 352281 | |
| e nbelmona@xxxxxxxxxxxx | w www.cscgroup.com | |
| 150 Commodore Street, Hamra | Beirut, 1103 2120, Lebanon | |
 |
|
 Save a tree. Please consider the environment
before printing this email. |
|
