[mod_openssl] disable cert vrfy if ALPN acme-tls/1

disable client cert verification if ALPN "acme-tls/1"
author: Glenn Strauss <gstrauss@gluelogic.com> 2020-03-15 15:38:06 -0400
committer: Glenn Strauss <gstrauss@gluelogic.com> 2020-07-08 19:54:30 -0400
commit: ce7840504db40f853aee568f768da2b8d5cb9b48 (patch)
tree: cc828612aa9b2768da1cbd47b692cfc60c1a4662
parent: f7bac374ee9c530c4bf8ffa098d423cab592c943 (diff)
download: lighttpd-git-ce7840504db40f853aee568f768da2b8d5cb9b48.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/mod_openssl.c b/src/mod_openssl.c
index 4313d55d..1cf6dd76 100644
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@@ -824,6 +824,8 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
             break;
         }
 
+        hctx->conf.ssl_verifyclient_enforce = 0;
+        SSL_set_verify(ssl, SSL_VERIFY_NONE, NULL);
         rc = SSL_TLSEXT_ERR_OK;
     } while (0);
author	Glenn Strauss <gstrauss@gluelogic.com>	2020-03-15 15:38:06 -0400
committer	Glenn Strauss <gstrauss@gluelogic.com>	2020-07-08 19:54:30 -0400
commit	ce7840504db40f853aee568f768da2b8d5cb9b48 (patch)
tree	cc828612aa9b2768da1cbd47b692cfc60c1a4662
parent	f7bac374ee9c530c4bf8ffa098d423cab592c943 (diff)
download	lighttpd-git-ce7840504db40f853aee568f768da2b8d5cb9b48.tar.gz