SSLTRUST (JANUS DEFINE parameter)

From m204wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

SSLTRUST — Trust communication partner certificate

Description

SSLTRUST is a parameter on the JANUS DEFINE command. It indicates that a certificate from the other side of a TLS/SSL connection is not required to be signed by a certifying authority that has been added to the port by a JANUS ADDCA command. This parameter is available in Model 204 7.7 and later.

Note: It is a bad idea to use this parameter in production systems or systems where security is important: it defeats one of the protections of TLS/SSL — the validation of the other side of a connection. It is probably an especially bad idea for server ports, as it completely defeats the utility of client certificates for user validation — anyone can produce a certificate with any content if the certificate is not required to be signed by a known certifying authority.

The main purpose of SSLTRUST is experimentation. It might also be useful for problem diagnosis or perhaps bootstrapping a connection to a known server/client.

Retrieved from "https://m204wiki.rocketsoftware.com/index.php?title=SSLTRUST_(JANUS_DEFINE_parameter)&oldid=84517"