SSL is alsways used even if flat --enable-crypto is missing.

[Alfas]

What happened?

I am running barriers without flag --enable-crypto, but still getting error about SSL certificate. Client also has no --enable-crypto flag.

[2022-04-30T14:58:30] DEBUG: Opening new socket: 72BBD570 [2022-04-30T14:58:30] INFO: OpenSSL 3.0.2 15 Mar 2022 [2022-04-30T14:58:30] NOTE: peer fingerprint (SHA1): C9:35:42:8A:E5:6E:A7:12:51:B2:60:39:64:48:46:79:53:5B:1B:5B (SHA256): D4:65:71:F2:AD:A9:5A:45:0C:D5:58:89:F8:B7:A7:0D:38:FF:54:3C:C6:B2:DF:64:43:E2:50:89:DF:1D:AB:EA [2022-04-30T14:58:30] NOTE: fingerprint_db_path: /home/alfas/.local/share/barrier/SSL/Fingerprints/TrustedClients.txt [2022-04-30T14:58:30] NOTE: Could not read fingerprints from: /home/alfas/.local/share/barrier/SSL/Fingerprints/TrustedClients.txt [2022-04-30T14:58:30] NOTE: Fingerprint does not match trusted fingerprint [2022-04-30T14:58:30] ERROR: failed to verify server certificate fingerprint

Version

v2.4.0

Git commit hash (if applicable)

No response

If applicable, where did you install Barrier from?

Ubuntu default server.

What OSes are you seeing the problem on? (Check all that apply)

Linux

What OS versions are you using?

Ubuntu 22.04

Relevant log output

No response

Any other information

No response

[Alfas]

I had a look at the code and there is new option --disable-crypto. Unfortunately it is not in man page. I aspect it to be part of barrier package.

[jockie]

In Barrier's UI press F4 for the settings and then uncheck the "Enable SSL" option.

[Alfas]

As I mentioned in my comment I already found a way how to make barrier to work. The only thing left to do is to fix documentation so that you do not need to spend hours trying to fix the problem after every new installation or update. Warning in application that key parameters have been changed and application requires reconfiguration after update in order to work might also be useful.

[PUDPUD]

Thanks @Alfas , this fixed my issue :). Hopefully documentation gets updated so I didn't have to search.