Pass Through Host Certificate Validation

Note: By default, schannel (MSCAPI) is responsible for validating the host certificate chain received during SSL/TLS handshake. Schannel runs several checks on the received certificate chain, one of which is verifying that the signature affixed to the certificate is valid. The hash value computed on the certificate contents must match the value that results from decrypting the signature field using the public component of the issuer. In order to perform this operation, you must possess the public component of the issuer, either through some integrity-assured channel, or by extracting it from another (validated) certificate. The default certificate validation process is exhaustive and runs several checks on the host certificate chain in order to successfully validate it. By enabling this option, you would effectively suppress the default validation done by schannel and the identity of the host would not be verified. Using this option is not recommended.