Strict SSL verification (#9)

Fixes #8
Aram Peres 2021-07-31 11:12:45 -04:00 committed by GitHub
parent f22867d2d2
commit 3002b4de53
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 171 additions and 75 deletions


@ -85,5 +85,9 @@ fn main() -> nut_client::Result<()> {
You can turn on SSL support by adding `.with_ssl(true)` in the `ConfigBuilder`. This requires the `ssl` feature, which
uses `rustls` under the hood.
Note that this crate turns off all certificate validation at the moment, effectively giving a false sense of security.
If you'd like to contribute to this, see issue #8.
Note that, by default, `.with_ssl(true)` will enable **strict** verification. This means it will verify the server
certificate's DNS entries, check for revocation, and verify the chain using the local root trust. You must also ensure
that the connection hostname is a valid DNS name (e.g. `localhost`, not `127.0.0.1`).
If the server is using a self-signed certificate, and you'd like to ignore the strict validation, you can add
`.with_insecure_ssl(true)` along with `.with_ssl(true)`.
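Review bot: The closing paragraph of the new README text offers `.with_insecure_ssl(true)` as the answer for self-signed certificates but never says what it switches off. The wording this hunk replaces was explicit that disabled validation gives "a false sense of security"; that warning should now sit next to the insecure option, for example by stating that it turns certificate validation off so the server's identity is no longer checked. Separately, the strict-mode sentence promises that verification will "check for revocation"; please confirm that the `rustls` verifier in use actually performs revocation checks, and drop the phrase if it does not.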