diff options
| author | Kim Alvefur <zash@zash.se> | 2019-03-10 19:58:28 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2019-03-10 19:58:28 +0100 |
| commit | 9f65ce71893ef10485442ee209472a38865da081 (patch) | |
| tree | aa9153069270fcd77844f666379d2bba6a38d02f /core | |
| parent | 5fb7d2d35a2c24a9152931d29d614c2aa8714c7e (diff) | |
| download | prosody-9f65ce71893ef10485442ee209472a38865da081.tar.gz prosody-9f65ce71893ef10485442ee209472a38865da081.zip | |
core.certmanager: Do not ask for client certificates by default
Since it's mostly only mod_s2s that needs to request client
certificates it makes some sense to have mod_s2s ask for this, instead
of having eg mod_http ask to disable it.
Diffstat (limited to 'core')
| -rw-r--r-- | core/certmanager.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 5282a6f5..63f314f8 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -106,7 +106,7 @@ local core_defaults = { capath = "/etc/ssl/certs"; depth = 9; protocol = "tlsv1+"; - verify = (ssl_x509 and { "peer", "client_once", }) or "none"; + verify = "none"; options = { cipher_server_preference = luasec_has.options.cipher_server_preference; no_ticket = luasec_has.options.no_ticket; |