hbmqtt
hbmqtt copied to clipboard
Disable certificate verification
It'd be nice to have an option to disable certificate verification (verify_mode=CERT_NONE
): something like config['verify'] = False
?
I've just did some quick check, and it seems that it is enough to set verify_mode
to ssl.CERT_OPTIONAL
above this line:
if secure:
sc = ssl.create_default_context(
ssl.Purpose.SERVER_AUTH,
cafile=self.session.cafile,
capath=self.session.capath,
cadata=self.session.cadata)
if 'certfile' in self.config and 'keyfile' in self.config:
sc.load_cert_chain(self.config['certfile'], self.config['keyfile'])
if 'check_hostname' in self.config and isinstance(self.config['check_hostname'], bool):
sc.check_hostname = self.config['check_hostname']
sc.verify_mode = ssl.CERT_NONE
kwargs['ssl'] = sc
Then server will be verified only when cafile
is provided.
But having option in config would make if more verbose...