etax 2010 failure to validate remote ssl certificate properly

Board: Bugtraq, posted 2010/09/09 02:01
etax 2010[0]

1. fails to properly check the remote https server has a valid
certificate for the host it claims to be from.

Test case:
edit the hosts file like this:
IP_OF_HTTPS_SERVER_HERE etaxservices10.etax.ato.gov.au
e.g. 203.0.178.114

(note: you need a certificate for _any_ domain signed by a CA installed
on the client boxen).

2. will communicate over http if told to ;) (mod_rewrite etc.).

....

etax 2010 will send the details of the tax request in a SOAP request.

Have fun ;)

[0] http://www.ato.gov.au/individuals/content.asp?doc=/content/32234.htm&page=5

-- 
Small things make base men proud.
-- William Shakespeare, "Henry VI"
Article code (AID): #1CXyzYjJ (Bugtraq)
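The two checks the post says are missing, sketched as a client-side gate. This is an added example, not part of the original post and not the vendor's code. The function names, the simplified wildcard rule and the sample certificate dicts are assumptions made for illustration; only the host name comes from the post.

```python
import ssl
from urllib.parse import urlsplit

EXPECTED_HOST = "etaxservices10.etax.ato.gov.au"  # host name from the post


def hardened_context() -> ssl.SSLContext:
    """Client context that verifies both the chain and the host name."""
    ctx = ssl.create_default_context()   # defaults: CERT_REQUIRED + check_hostname
    ctx.check_hostname = True            # explicit: never switch this off
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def san_dns_names(peer_cert: dict) -> list[str]:
    """dNSName entries from a dict shaped like SSLSocket.getpeercert()."""
    return [v.lower() for k, v in peer_cert.get("subjectAltName", ()) if k == "DNS"]


def name_matches(pattern: str, host: str) -> bool:
    """Exact match, or a single left-most '*' label (simplified RFC 6125)."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def may_send(url: str, peer_cert: dict) -> tuple[bool, str]:
    """Decide whether the SOAP request may be sent to url."""
    parts = urlsplit(url)
    if parts.scheme != "https":          # issue 2: no downgrade to http
        return False, "refused: plaintext scheme"
    if (parts.hostname or "").lower() != EXPECTED_HOST:
        return False, "refused: unexpected host"
    # Issue 1: a chain-valid certificate for some other domain is not enough.
    if not any(name_matches(n, parts.hostname) for n in san_dns_names(peer_cert)):
        return False, "refused: certificate not issued for host"
    return True, "ok"


# Constructed sample certificates (chain validation assumed to have passed).
CERT_FOR_HOST = {"subjectAltName": (("DNS", EXPECTED_HOST),)}
CERT_OTHER = {"subjectAltName": (("DNS", "www.unrelated.example"),)}
```

In a real client the `ssl` module performs the host name check itself once `check_hostname` is enabled; `may_send` only makes the decision visible on offline data.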