On Wed, Nov 13, 2013 at 2:27 AM, Andy Bradford <amb-fos...@bradfords.org>wrote:

> Here's another observation. Now that I got around the proxy problem (the
> proxy  I was  using was  returning 403),  I get  prompted to  accept the
> self-signed certificate, but the host listed is that of the proxy:
> Accept certificate for host proxy.host.dom (a=always/y/N)?
> Is this  how it is  supposed to  work when using  a proxy? Or  should it
> actually display the name of the host that is in the Fossil clone URL?
I think it should clearly state it is asking for acceptance of the proxy
cert, when that is the cert being considered. Then if the destination host
cert is also unknown, it will ask for accpetance of that cert as well. So,
if you are using a new proxy and a new destination host, and both are using
SSL/TLS, you would get asked twice. (The proxy query has to come first
because it is forwarding your connection to the destination.)

So the message should say: Accept certificate for proxy "proxy.host.dom"
fossil-users mailing list

Reply via email to