[release-branch.go1] crypto/x509: exempt broken Entrust certificate from checks.
««« backport
8241ffc8686e
crypto/x509: exempt broken Entrust certificate from checks.
Entrust have issued a root certificate that's not marked as valid for
signing certificates.
This results in Go programs failing to validate certificates that
chain up to this root (i.e. gateway.push.apple.com:2195).
Although this is clearly a mistake on Entrust's part, it seems that we
will have to bodge around it.
R=golang-dev, dave, r
CC=golang-dev
https://golang.org/cl/
6346064
»»»