delta/node.git/test/simple/test-https-strict.js, branch node-review github.com: joyent/node.git tls: better error reporting at cert validation 2014-07-02T20:41:39+00:00 Fedor Indutny fedor@indutny.com 2014-04-14T16:08:38+00:00 e34525356201654bfe35b4bb7edec6f5b47b6374 fix #7417 Signed-off-by: Fedor Indutny <fedor@indutny.com> 
fix #7417

Signed-off-by: Fedor Indutny <fedor@indutny.com>
test updates for streams2 2012-12-15T01:46:23+00:00 isaacs i@izs.me 2012-12-13T15:47:33+00:00 19ecc3a4a6ed8b7256da4425307e18dba547492d 






tls, https: validate server certificate by default
2012-09-14T22:19:06+00:00

Ben Noordhuis
info@bnoordhuis.nl

2012-08-30T13:14:37+00:00

35607f3a2dda03af8cf2dd3704c0c915e28aa774

This commit changes the default value of the rejectUnauthorized option from
false to true.

What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.

There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.

Fixes #3949.





This commit changes the default value of the rejectUnauthorized option from
false to true.

What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.

There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.

Fixes #3949.







https: Use host header as effective servername
2012-07-25T20:38:43+00:00

isaacs
i@izs.me

2012-07-25T19:00:25+00:00

b0c0111b04201bf99fde0fe0616b9fdf1f33655d