SSLTRUST (JANUS DEFINE parameter): Difference between revisions
m (misc cleanup) |
m (remove displaytitle) |
||
| Line 1: | Line 1: | ||
<span class="pageSubtitle">SSLTRUST — Trust communication partner certificate</span> | <span class="pageSubtitle">SSLTRUST — Trust communication partner certificate</span> | ||
Latest revision as of 00:01, 8 June 2016
SSLTRUST — Trust communication partner certificate
Description
SSLTRUST is a parameter on the JANUS DEFINE command. It indicates that a certificate from the other side of a TLS/SSL connection is not required to be signed by a certifying authority that has been added to the port by a JANUS ADDCA command. This parameter is available in Model 204 7.7 and later.
Note: It is a bad idea to use this parameter in production systems or systems where security is important: it defeats one of the protections of TLS/SSL — the validation of the other side of a connection. It is probably an especially bad idea for server ports, as it completely defeats the utility of client certificates for user validation — anyone can produce a certificate with any content if the certificate is not required to be signed by a known certifying authority.
The main purpose of SSLTRUST is experimentation. It might also be useful for problem diagnosis or perhaps bootstrapping a connection to a known server/client.