diff options
| author | Mattes D <github@xoft.cz> | 2023-05-09 19:59:15 +0200 |
|---|---|---|
| committer | Mattes D <github@xoft.cz> | 2023-05-19 16:25:12 +0200 |
| commit | 97c49c6f294a0b7e931be2692c124bd78fc79946 (patch) | |
| tree | 872fcdfbfc30ff0ed2e2e444bb965769ea147e60 /src/mbedTLS++/SslConfig.cpp | |
| parent | cTCPLink: Use the original connection hostname for SNI. (diff) | |
| download | cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.gz cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.bz2 cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.lz cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.xz cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.tar.zst cuberite-97c49c6f294a0b7e931be2692c124bd78fc79946.zip | |
Diffstat (limited to 'src/mbedTLS++/SslConfig.cpp')
| -rw-r--r-- | src/mbedTLS++/SslConfig.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/mbedTLS++/SslConfig.cpp b/src/mbedTLS++/SslConfig.cpp index 054d63980..9bcac741f 100644 --- a/src/mbedTLS++/SslConfig.cpp +++ b/src/mbedTLS++/SslConfig.cpp @@ -5,7 +5,7 @@ #include "mbedTLS++/CryptoKey.h" #include "mbedTLS++/EntropyContext.h" -#include "mbedTLS++/RootCA.h" +#include "mbedTLS++/X509Cert.h" // This allows us to debug SSL and certificate problems, but produce way too much output, @@ -235,8 +235,8 @@ std::shared_ptr<cSslConfig> cSslConfig::MakeDefaultConfig(bool a_IsClient) Ret->SetRng(std::move(CtrDrbg)); } - Ret->SetAuthMode(eSslAuthMode::Required); - Ret->SetCACerts(GetCACerts()); + // By default we have no root CAs, so no cert verification can be done: + Ret->SetAuthMode(eSslAuthMode::None); #ifndef NDEBUG #ifdef ENABLE_SSL_DEBUG_MSG |