Some thoughts on CertificateFile. I'd argue that when CertificateFile is specified, SystemCertificates should default to no.
The reasoning is that when you use CertificateFile you probably want certificate/key pinning, but this is not what happens. If SystemCertificates is yes, your (self-signed) cert can be "legitimately" be bypassed by a MITM attack + a certificate signed by any of the system cert roots. On the other side, I cannot think of a scenario where specifying *additional* certificates while still trusting the system root is beneficial. ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e _______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel
