[Devel] Patch: cfg.y bug fix - tls_require_client_certificate
has no effect
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Nov 23 15:42:55 CET 2006
Hi!
Thanks - I will take care of it.
regards
klaus
phgs at free.fr wrote:
> Hello,
>
>
> Issue:
>
> Whatever the value of tls_require_client_certificate, client certificates are
> NEVER mandatory to connect using TLS.
>
> I added the following lines in the openser.cfg file:
>
> tls_verify_client = 1
> tls_require_client_certificate = 1
>
> But after restarting openser, I still could connect without any client
> certificate and I found this message in the openser logs:
>
> Nov 23 15:09:53 localhost openser: TLS: Client verification activated.
> Client certificates are NOT mandatory.
>
>
> Patch:
>
> The value found in the configuration file must be stored in
> tls_default_server_domain->require_client_cert instead of
> tls_default_client_domain->require_client_cert.
>
>
> 690c690
> < tls_default_server_domain->require_client_cert=$3;
> ---
>> tls_default_client_domain->require_client_cert=$3;
>
>
> Regards,
> Philippe
>
>
>
> _______________________________________________
> Devel mailing list
> Devel at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/devel
--
Klaus Darilion
nic.at
More information about the Devel
mailing list