SSLTRUST (JANUS DEFINE parameter)

From m204wiki
Revision as of 15:04, 17 May 2016 by Alex (talk | contribs) (Created page with "{{DISPLAYTITLE:SSLTRUST}} <span class="pageSubtitle">SSLTRUST — Trust communication partner certificate</span> ==Description== <var>SSLTRUST</var> is a parameter on the...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

SSLTRUST — Trust communication partner certificate

Description

SSLTRUST is a parameter on the JANUS DEFINE command, which indicates that a certificate from the other side of a TLS/SSL connection is not required to be signed by a certifying authority that has been added to the port by a JANUS ADDCA command. This parameter is available in Model 204 7.7 and later.

Note that it is a bad idea to use this parameter in production systems or systems where security is important as it defeats one of the protections of TLS/SSL – the validation of the other side of a connection. It is probably an especially bad idea for server ports as it completely defeats the utility of client certificates for user validation – anyone can produce a certificate with any content if the certificate is not required to be signed by a known certifying authority.

The main purpose of SSLTRUST is simply experimentation. It might also be useful for problem diagnosis or perhaps bootstrapping a connection to a known server/client.

Retrieved from "https://m204wiki.rocketsoftware.com/index.php?title=SSLTRUST_(JANUS_DEFINE_parameter)&oldid=84186"