URL: https://github.com/freeipa/freeipa/pull/506 Title: #506: added ssl verification
tiran commented: """ Please change the title of the commit, too. It's implies that we did not verify certs in the past. In the future please don't call the system trust store a random collection of CAs. It's diminishing and vilifying the hard work of the security team to provide a secure selection of CA certs. This change is purely an attempt to harden IPA and use the same selection of CAs everywhere. """ See the full comment at https://github.com/freeipa/freeipa/pull/506#issuecomment-282259839
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
