W dniu 03.05.2016, wto o godzinie 02∶12 -0700, użytkownik li...@lazygranch.com napisał: > jabberd2 version(2.3.6) > I followed these instructions: > https://github.com/jabberd2/jabberd2/wiki/InstallGuide-OpenSSLConfigu > ration > [...] > SM : sx (ssl.c:405) secure channel not established, handshake in > progress > SM : sx (ssl.c:59) verify error:num=18:self signed > certificate:depth=0:/C=US/ST=state/L=city/O=none/OU=none > /CN=mydomain.org/emailAddress=webmas...@mydomain.org > ----------------------------------------------------
I guess I could catch X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT (18) in SSL_CTX_set_verify callback and pass the cert through, but I'm ambivalent about it... We should really discourage use of self-signed certificates. On the other hand, it really speeds-up test deployments. Maybe have it as an opition, to enable if you really-really need to use self-signed certificates? What do you think? -- smoku @ http://abadcafe.pl/ @ http://xiaoka.com/
signature.asc
Description: This is a digitally signed message part
