Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
TLS_CONFIG_VERIFY(3)   FreeBSD Library Functions Manual	  TLS_CONFIG_VERIFY(3)

NAME
     tls_config_verify,	tls_config_insecure_noverifycert,
     tls_config_insecure_noverifyname, tls_config_insecure_noverifytime	--
     insecure TLS configuration

SYNOPSIS
     #include <tls.h>

     void
     tls_config_verify(struct tls_config *config);

     void
     tls_config_insecure_noverifycert(struct tls_config	*config);

     void
     tls_config_insecure_noverifyname(struct tls_config	*config);

     void
     tls_config_insecure_noverifytime(struct tls_config	*config);

DESCRIPTION
     These functions disable parts of the normal certificate verification
     process, resulting	in insecure configurations.  Be	very careful when
     using them.

     tls_config_insecure_noverifycert()	disables certificate verification and
     OCSP validation.

     tls_config_insecure_noverifyname()	disables server	name verification
     (client only).

     tls_config_insecure_noverifytime()	disables validity checking of certifi-
     cates and OCSP validation.

     tls_config_verify() reenables server name and certificate verification.

SEE ALSO
     tls_client(3), tls_config_ocsp_require_stapling(3),
     tls_config_set_protocols(3), tls_conn_version(3), tls_connect(3),
     tls_handshake(3), tls_init(3)

HISTORY
     tls_config_verify() appeared in OpenBSD 5.6 and got its final name	in
     OpenBSD 5.7.

     tls_config_insecure_noverifycert()	and tls_config_insecure_noverifyname()
     appeared in OpenBSD 5.7 and tls_config_insecure_noverifytime in
     OpenBSD 5.9.

AUTHORS
     Joel Sing <jsing@openbsd.org>
     Ted Unangst <tedu@openbsd.org>

FreeBSD	Ports 11.2		 March 2, 2017		    FreeBSD Ports 11.2

NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | HISTORY | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=tls_config_verify&sektion=3&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help