Kevin McArthur
Kevin McArthur
If you want to configure a testing cert in development, you should provide a cainfo/cafile to validate against. However, this always talks to a real server anyway, so shouldnt be...
Looks like it could be. However, the reference implementation contains https://github.com/Yubico/yubikey-val/blob/19345b76eea90d1cb3996296c12ae616d8151c22/ykval-verify.php#L202 https://github.com/Yubico/yubikey-val/blob/19345b76eea90d1cb3996296c12ae616d8151c22/ykval-common.php#L109 Function is_clientid validates this parameter before its included in the sql query. Probably a good idea to fix...