apple / swift-nio-ssl

TLS Support for SwiftNIO, based on BoringSSL.
https://swiftpackageindex.com/apple/swift-nio-ssl/main/documentation/niossl
Apache License 2.0

TLSConfiguration.certificateRequired attribute #413

Open borisreitman opened 1 year ago

borisreitman commented 1 year ago

I have implemented a new attribute .certificateRequired in TLSConfiguration. When set to false, it makes the presence of client certificates optional. If the client certificate is provided, then the customVerificationCallback will be called. By default, the attribute is true, which is the current behaviour (failure without client certificate).

From an article referenced below, here is a quote:

"[We] tell it to accept requests with no valid certificate. We need this to handle invalid connections as well (for example to display an error message), otherwise, they would just get a cryptic HTTPS error message from the browser (ERR_BAD_SSL_CLIENT_AUTH_CERT to be precise)"

Reference: https://medium.com/@sevcsik/authentication-using-https-client-certificates-3c9d270e8326

swift-server-bot commented 1 year ago

Can one of the admins verify this patch?

borisreitman commented 1 year ago

@dnadoba Can you check it again? I pushed a new changeset.

Lukasa commented 1 year ago

@swift-server-bot test this please