From 3d5cb468b3d474b1cd2443b778f8419932583474 Mon Sep 17 00:00:00 2001 From: Zeke Snider Date: Fri, 2 Feb 2018 16:50:39 -0800 Subject: [PATCH] Don't enable certificate revocation check if client config has validate certificates set to false --- Release/src/http/client/http_client_winhttp.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Release/src/http/client/http_client_winhttp.cpp b/Release/src/http/client/http_client_winhttp.cpp index c81dd6b317..737c430b71 100644 --- a/Release/src/http/client/http_client_winhttp.cpp +++ b/Release/src/http/client/http_client_winhttp.cpp @@ -667,7 +667,7 @@ class winhttp_client : public _http_client_communicator } // Enable the certificate revocation check - if (m_secure) + if (m_secure && client_config().validate_certificates()) { DWORD dwEnableSSLRevocOpt = WINHTTP_ENABLE_SSL_REVOCATION; if (!WinHttpSetOption(winhttp_context->m_request_handle, WINHTTP_OPTION_ENABLE_FEATURE, &dwEnableSSLRevocOpt, sizeof(dwEnableSSLRevocOpt)))