Previous page Section 3.11.12. TLS_RequireClientCert Section 3.11.13. TLS_Verify (235 / 1693)   Table of Contents Section 3.11.14. TLS_RandomFile Next page

3.11.13. TLS_Verify Previous topic Parent topic Child topic Next topic

TLS_Verify is an optional string parameter which is available only for TLS clients. It specifies whether the client clause requires the server to present a valid server certificate during TLS handshake or not. The default is to require and verify the server certificate. If the server certificate is not a valid certificate, the TLS handshake fails and the TCP or SCTP connection is disconnected. Certificate validity is determined by the root certificates that are configured for the client clause with TLS_CAFile or TLS_CAPath, and other TLS configuration parameters, such as TLS_ExpectedPeerName and TLS_SubjectAltNameURI.
When TLS_Verify is set to value none, the server certificate is not verified. This may be useful during testing but it's not recommended for production configurations. Here is an example of using TLS_Verify:
<AuthBy REST>
    # TLS and other parameters

    # While testing, skip certificate validation
    TLS_Verify none

    # More parameters
</AuthBy>
Previous page Section 3.11.12. TLS_RequireClientCert Section 3.11.13. TLS_Verify (235 / 1693)   Table of Contents Section 3.11.14. TLS_RandomFile Next page