TD0499: Testing with pinned certificates
If pinned certificates are supported and present in the TOE, they adversely affect the ability to perform the CN/SAN checking in FCS_TLSC_EXT.1.2 Tests 1-6.
The sentence under Tests that precedes Test 1 is modified as follows, with underlines indicating additions:
The evaluator shall configure the reference identifier according to the AGD guidance and perform the following tests during a TLS connection. If the TOE supports certificate pinning, all pinned certificates must be removed before performing Tests 1 through 6. A pinned certificate must be added prior to performing Test 7.
See issue description.