aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/certmanager.lua8
1 files changed, 7 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 183680ee..263797e5 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -369,7 +369,13 @@ local function reload_ssl_config()
if tls.features.options.no_compression then
core_defaults.options.no_compression = configmanager.get("*", "ssl_compression") ~= true;
end
- core_defaults.dane = configmanager.get("*", "use_dane") or false;
+ if not configmanager.get("*", "use_dane") then
+ core_defaults.dane = false;
+ elseif tls.features.capabilities.dane then
+ core_defaults.dane = { "no_ee_namechecks" };
+ else
+ core_defaults.dane = true;
+ end
cert_index = index_certs(resolve_path(config_path, global_certificates));
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 02:03:29 +0000