pound icon indicating copy to clipboard operation
pound copied to clipboard

Published 20 hours ago verified publisher icon goochjj

Cancel SSL/HTTPS handshake if no suited cert is found

Open gschoenberger opened this issue 9 years ago • 1 comments

Hi goochjj,

currently if no suitable certificate is found in a Service declaration, the first certificate is issued to the client. If the domain does not suite the certificate the client gets an certificate error in his browser. Is there a way to disable this behavior, i.e. just cancel the SSL/HTTPS handshake?

THX, Georg

gschoenberger avatar Dec 17 '15 14:12 gschoenberger

Not currently. I can't think of a compelling reason to implement this. If you think there's a compelling use case you should bring it up on the Pound mailing list (www.apsis.ch/pound has the links)

It might be related to this thread: http://www.apsis.ch/pound/pound_list/archive/2015/2015-10/1445607472000

On Thu, Dec 17, 2015 at 9:32 AM, Georg Schönberger <[email protected]

wrote:

Hi goochjj,

currently if no suitable certificate is found in a Service declaration, the first certificate is issued to the client. If the domain does not suite the certificate the client gets an certificate error in his browser. Is there a way to disable this behavior, i.e. just cancle the SSL/HTTPS handshake?

THX, Georg

— Reply to this email directly or view it on GitHub https://github.com/goochjj/pound/issues/13.

goochjj avatar Dec 17 '15 21:12 goochjj