Article delegate-en/4063 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: How to verify a server's certificate?
11 Aug 2008 09:36:15 GMT (Yutaka Sato)
The DeleGate Project


In message <_A4062@delegate-en.ML_> on 08/11/08(18:15:29)
you Monika Schilling <> wrote:
 |On Monday August 11 2008 07:58, Yutaka Sato wrote:
 |> ...
 |> Thus I think setting SSL_CERT_DIR environment variable to an empty
 |> directory will be effective to solve your problem, without changing
 |> the code of DeleGate.
 |Yes, this works! So I have an immediate solution.
 |On Monday August 11 2008 03:45, Yutaka Sato wrote:
 |> ...
 |> Maybe it is because sslway.c loades the default location of certificates
 |> together with the explicitly specified certificates.
 |What do you think about a new DeleGate option which allows to switch off this 
 |implicit action. This avoids the scattered configuration (DeleGate 
 |configuration file + OpenSSL environment variable).

I did it tentatively for the testing :)
But note that the SSL (TLS) configuration of DeleGate is moving from
sslway options like -CApath to files under the CERTDIR (like ca-sv.pem)
after DeleGate/9.8.0 and the recommended way to disable the default
certificates will be making a special file under CERTDIR.

  9 9   Yutaka Sato <>
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]