aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2019-03-10 19:58:28 +0100
committerKim Alvefur <zash@zash.se>2019-03-10 19:58:28 +0100
commita08b6d8226ab4f2fe5358f664990e245db01b9a6 (patch)
treeaa9153069270fcd77844f666379d2bba6a38d02f /core
parentb47d67c80fe77a3414c8f0ef1fa92cec96696e54 (diff)
downloadprosody-a08b6d8226ab4f2fe5358f664990e245db01b9a6.tar.gz
prosody-a08b6d8226ab4f2fe5358f664990e245db01b9a6.zip
core.certmanager: Do not ask for client certificates by default
Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it.
Diffstat (limited to 'core')
-rw-r--r--core/certmanager.lua2
1 files changed, 1 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 5282a6f5..63f314f8 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -106,7 +106,7 @@ local core_defaults = {
capath = "/etc/ssl/certs";
depth = 9;
protocol = "tlsv1+";
- verify = (ssl_x509 and { "peer", "client_once", }) or "none";
+ verify = "none";
options = {
cipher_server_preference = luasec_has.options.cipher_server_preference;
no_ticket = luasec_has.options.no_ticket;