certmanager: Limit certificate chain depth to 9

author: Kim Alvefur <zash@zash.se> 2015-02-05 16:59:34 +0100
committer: Kim Alvefur <zash@zash.se> 2015-02-05 16:59:34 +0100
commit: 664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33 (patch)
tree: a8d124fab07343cbd0ec4213b697c56a9503617d /core
parent: 3581c7106770298b5e813bbbf8e20b22d125476f (diff)
download: prosody-664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33.tar.gz
prosody-664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index d92e5fc1..9a0c3deb 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -53,6 +53,7 @@ local global_ssl_config = configmanager.get("*", "ssl");
 -- Built-in defaults
 local core_defaults = {
 	capath = "/etc/ssl/certs";
+	depth = 9;
 	protocol = "tlsv1+";
 	verify = (ssl_x509 and { "peer", "client_once", }) or "none";
 	options = {
author	Kim Alvefur <zash@zash.se>	2015-02-05 16:59:34 +0100
committer	Kim Alvefur <zash@zash.se>	2015-02-05 16:59:34 +0100
commit	664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33 (patch)
tree	a8d124fab07343cbd0ec4213b697c56a9503617d /core
parent	3581c7106770298b5e813bbbf8e20b22d125476f (diff)
download	prosody-664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33.tar.gz prosody-664c92cddeaa7ec7e83ff29a62d6f5f701d0ae33.zip