search

aatxe / irc

the irc crate – usable, async IRC for Rust
Mozilla Public License 2.0
530 stars 97 forks source link

How to ignore certificate verification? #100

Closed ghost closed 6 years ago

ghost commented 6 years ago 
[...]
    let cfg = Config {
        nickname: Some(BOT_NICKNAME.to_owned()),
        server: Some(format!(/*the IP*/)),
        password: Some(format!(/*the password*/)),
        channels: Some(vec![format!("#test")]),
        port: Some(/*the port*/),
        use_ssl: Some(true),
        cert_path: Some(format!("I/have/a/path/to/a/cert.der")),
        .. Default::default()
    };
    let server = IrcServer::from_config(cfg).unwrap();
    server.identify().unwrap();
[...]
thread '<unnamed>' panicked at 'called `Result::unwrap()` on an `Err` value: Error(Tls(Ssl(ErrorStack([Error { code: 336134278, library: "SSL routines", function: "ssl3_get_server_certificate", reason: "certificate verify failed", file: "s3_clnt.c", line: 1264 }]))), State { ...
aatxe commented 6 years ago

There appears to be no way (or at least no obvious way) for me to support this in native-tls. That being said, if you have cert_path set and the certificate at that point is indeed the right one, you should have no issue connecting. Do you have more info about how to reproduce this?