Implemented a option to overrule the TLS REQUIRED option (reqcert) #12
Conversation
|
To be honest, I don’t want to support disabling TLS validation. It’s totally wrong approach, you should NEVER EVER do that! It’s like using password authentication without actually validating the password. If you have sef-signed certificate, then you can simply add it to your set of trusted certificates (typically |
|
I agree with you when using it in a production environment. But when you are testing/developing (in my case) then you need the ability to disable it sometimes. In our environment (when I developing) I need to setup a ssh tunnel to our ldap environment. This means I connect to localhost. So even if your certificate is valid, the connection still fails due to localhost is not part of the certificate. |
|
Okay then, I’ve modified it a little and merged in 319e8be. |
This is the same pull-request as #11 but againts the changed master tree