I am running Maddy inside a FreeBSD 14.1 jail, with other mails (one the same physical server serving PostgreSQL and OpenLDAP. The communication between those jails should be encrypted, using locally produced certificated and a local certificate authority. As the latter cannot be verified via the Internet, Go routinely complains, and a "accept_insecure_certs" or something similar has to be added (as seen on Grafana, etc). Maddy does not yet have this switch to accept "insecure" certificates.
The workaround is to disable encryption, which is not really desirable.
Your idea for a solution
Simple add a toggle to the tls_client settings to accept "insecure" certfificates, as seen with other Go applications.
[x] I'm willing to help with the implementation: I am not a programmer but half-way decent alpha tester :-)!
Use case
I am running Maddy inside a FreeBSD 14.1 jail, with other mails (one the same physical server serving PostgreSQL and OpenLDAP. The communication between those jails should be encrypted, using locally produced certificated and a local certificate authority. As the latter cannot be verified via the Internet, Go routinely complains, and a "accept_insecure_certs" or something similar has to be added (as seen on Grafana, etc). Maddy does not yet have this switch to accept "insecure" certificates.
The workaround is to disable encryption, which is not really desirable.
Your idea for a solution
Simple add a toggle to the tls_client settings to accept "insecure" certfificates, as seen with other Go applications.