Removing hard-coded fingerprints of expired certificates - Now we use Let's Encrypt with ever-changing certificates, so hard-coding them makes no sense.

Source commit: a2e7a64e3befe47750fe58b9348adc2d1ece82d1

source/core/Http.cpp

@@ -226,17 +226,6 @@ int THttp::NeonServerSSLCallbackImpl(int Failures, const ne_ssl_certificate * Ce
 {
   AnsiString AsciiCert = NeonExportCertificate(Certificate);
 
-  // winscp.net 31.05.2015 - 02.06.2016
-  const AnsiString WebCert = "MIIEqzCCA5OgAwIBAgIDBMLgMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEyNTYgQ0EgLSBHMzAeFw0xNTA1MzEwMDA1NTRaFw0xNjA2MDIwNTUxNTNaMIGSMRMwEQYDVQQLEwpHVDUyNTA2NDcyMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNvbS9yZXNvdXJjZXMvY3BzIChjKTE1MS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEXMBUGA1UEAxMOd3d3LndpbnNjcC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRHP+5FLE+q+oeu0Qlx2eX1nV8Vc0jOkwam95Vr6JV9Ar5ZZIbR8a/jBJv/tDlQ8nvx38gPoFCcPX3qBjRhxIBuNETbLi+7Yd69CXyZKNrbo0pxAbn5C/JKFgog5EkSdR65gia0J6YGPDw/iq180MpkNIBAFInq8Pc36hLz4jrAunFjxJ18pkmBlOVSr7/4Ppd15Co9fhF4A3QI2wcrAOjEfGhssfk7aRp8x36/GI3rs/Or1SbO6/ZSg9h7a5uvJFgQPDVRmqytd03EC9HLVOvRK/70gcQfYcOSEWkEkEO8jQ7eXv0u1y5E20Te0Zk9hVXll2RpCO8u5RyyzhSKW1DAgMBAAGjggFSMIIBTjAfBgNVHSMEGDAWgBTDnPP800YINLvORn+gfFvz4gjLWTBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9ndi5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9ndi5zeW1jYi5jb20vZ3YuY3J0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwJQYDVR0RBB4wHIIOd3d3LndpbnNjcC5uZXSCCndpbnNjcC5uZXQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2d2LnN5bWNiLmNvbS9ndi5jcmwwDAYDVR0TAQH/BAIwADBBBgNVHSAEOjA4MDYGBmeBDAECATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5yYXBpZHNzbC5jb20vbGVnYWwwDQYJKoZIhvcNAQELBQADggEBAHzQ0JNQOtaYUbcw6OCyyiV5O5VemJSDagD5VG5W2gkLfxa9v1ly9hxbdlkKv4d9ruq36ZiHxqKBLoBzw68RNOG/CFY85Xam5Wygo8afSIuhLOYgSUMriH8aoBUXssG15t54z1em58Qh5xMp0crQAbY7D4opo0pEzkaTaS8ulwOxu5SSpK3DF12VKUdKhBs7T0QY+oOJZsqkx7GdmeKxoKRpBQvnRegCszR7vkdWsY0fFZHeNdThkY1iRxI6b4tyDYgZ0COj8WXCBia9wZm/czMmq/d7KED2V06w3Ttc4hDOHl+Onm/gQFLs++1f2Z/X6iPNhIEMNKKH51y/eHJQMxE=";
-  // cdn.winscp.net 02.06.2015 - 04.06.2016
-  const AnsiString CdnCert = "MIIEnzCCA4egAwIBAgIDBMxPMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEyNTYgQ0EgLSBHMzAeFw0xNTA2MDIwNjIzMDFaFw0xNjA2MDQwMDU0NTVaMIGSMRMwEQYDVQQLEwpHVDUwMzQ0NzgyMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNvbS9yZXNvdXJjZXMvY3BzIChjKTE1MS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEXMBUGA1UEAxMOY2RuLndpbnNjcC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ykjjmhjnd6hMmb7WNlQwSzjGCiLA3b+U2xfUYGsR+0o8frU3bv50vNp+IlTFXn32Qt3QtskuoLdi/nip0ABBtgEUt4FAoZ/AMKPyT0hD95ZEFlaclCzUANmSJswWdQIZltbLulMAqt618Snkog3Z3nkjzAMZuKvEYvPV9ujuM2kzkWZr0/OoPHINUkaI6mZwTxCvxwmazBtyIx5tXqmfiOJ1R+viAZm4Av5nqaXz1dTqSjrgpvFtwkTu8YQpK3qrpjN+H67PnClOAS1GY0oaSMccxq0bYL1w0hORa+NyQ+ZTIiXVwiXFJ0w23qHadaoKOiG8WnQ49YvCpbDhMU+3AgMBAAGjggFGMIIBQjAfBgNVHSMEGDAWgBTDnPP800YINLvORn+gfFvz4gjLWTBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9ndi5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9ndi5zeW1jYi5jb20vZ3YuY3J0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGQYDVR0RBBIwEIIOY2RuLndpbnNjcC5uZXQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2d2LnN5bWNiLmNvbS9ndi5jcmwwDAYDVR0TAQH/BAIwADBBBgNVHSAEOjA4MDYGBmeBDAECATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5yYXBpZHNzbC5jb20vbGVnYWwwDQYJKoZIhvcNAQELBQADggEBAF9BN1+whMrK/HCDggLi/76+zDkzqVvNjdTgOLLSBCZaTJV1xNwIfxrPVwECEKkqV0D3eYx53aMxudVq+QuQ7VlS2k0Nu12Bfr0LFcUIOOO55jfjXUnJ8QLWoZQIJ6spOk0Bilxos4yzcORxOfASjkECEg1XUK3THnNgVLKZS92JSdxzsRkZvkpKCSNlX4ftoaPyDsgYWv0gBBA4RPAjAJB5qQTUeu0xIO/r1IhqLqnhlnJ3ewE68ScHbE5sMpl5RLEiaVRBeNw/whVEDPe2TY+JNzk6NdsGWq6uPCFsCXTGzX2QkAwR+rk2y4PPoY2vnj2cQoYWXF5pBjpMPYyRu8Q=";
-
-  if ((AsciiCert == WebCert) ||
-      (AsciiCert == CdnCert))
-  {
-    Failures &= ~NE_SSL_UNTRUSTED;
-  }
-
   if (Failures != 0)
   {
     NeonWindowsValidateCertificate(Failures, AsciiCert);