xpra icon
Bug tracker and wiki

Changes between Version 7 and Version 8 of Encryption/SSL


Ignore:
Timestamp:
09/08/16 09:51:16 (3 years ago)
Author:
Antoine Martin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Encryption/SSL

    v7 v8  
    3434xpra attach ssl:127.0.0.1:10001
    3535}}}
    36 
    37 If you are using temporary tests certificates and see this message:
    38 {{{
    39 [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
    40 }}}
    41 '''temporarily''' add {{{--ssl-server-verify-mode=none}}} to your client command line.
    4236}}}
    4337
    4438
    4539{{{#!div class="box"
    46 == Securing SSL with self signed certificates ==
     40== Using a self signed certificates ==
     41
     42Generate a certificate:
     43{{{
     44openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
     45}}}
     46
     47To avoid this error when the client connects:
     48{{{
     49[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
     50}}}
     51'''temporarily''' add {{{--ssl-server-verify-mode=none}}} to your client command line
     52}}}
     53
     54
     55{{{#!div class="box"
     56== Securing SSL with self signed CA and certificates ==
    4757
    4858See [https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software] and [https://blog.sucuri.net/2016/03/beware-unverified-tls-certificates-php-python.html Beware of Unverified TLS Certificates in PHP & Python].