Details
-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.3.16, 2.4.6
-
Component/s: Core
-
Labels:None
Description
The fix to ssl_verify_peer_certificate not requiring clients to present a certificate changed the default behavior. The old behavior was very similar to ssl_verify_peer_certificate=false so the default should be changed to match that. The fact that presented certificates are no longer verified is not a concern if certificates weren't required in the first place.