Skip to content

Commit

Permalink
Don't set VerifyPeerCertificate function on TLS config if authenticat…
Browse files Browse the repository at this point in the history 
…ion is disabled.
  • Loading branch information
@phamann
phamann committed Apr 18, 2019
1 parent 95a1265 commit cdd6b79
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -442,9 +442,10 @@ func serverListen(context *Context) error {
}

config.GetCertificate = context.cert.GetCertificate
config.VerifyPeerCertificate = serverACL.VerifyPeerCertificateServer
if *serverDisableAuth {
config.ClientAuth = tls.NoClientCert
} else {
config.VerifyPeerCertificate = serverACL.VerifyPeerCertificateServer
}

listener, err := reuseport.NewReusablePortListener("tcp", (*serverListenAddress).String())
Expand Down

0 comments on commit cdd6b79

Please sign in to comment.