diff options
| author | Wilmer van der Gaast <wilmer@gaast.net> | 2011-12-23 13:44:08 +0100 |
|---|---|---|
| committer | Wilmer van der Gaast <wilmer@gaast.net> | 2011-12-23 13:44:08 +0100 |
| commit | 792a93b417c24a206d8995ca8bf51482f20e997e (patch) | |
| tree | c29c4ceae134df4ad52e79ef50bc09d00e1b245d /doc/user-guide | |
| parent | 2d93a51e15ac2d6daaac0d6ac1e2c41e33486c53 (diff) | |
| parent | 41658da57b611d17030dc7e2c3feb54f99b668ac (diff) | |
Merging SSL certificate verification for GnuTLS, with help from AopicieR.
Diffstat (limited to 'doc/user-guide')
| -rw-r--r-- | doc/user-guide/commands.xml | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/doc/user-guide/commands.xml b/doc/user-guide/commands.xml index 3a9202dc..8fc58c9e 100644 --- a/doc/user-guide/commands.xml +++ b/doc/user-guide/commands.xml @@ -1391,7 +1391,11 @@ <description> <para> - Currently only available for Jabber connections. Set this to true if the server accepts SSL connections. + Currently only available for Jabber connections. Set this to true if you want to connect to the server on an SSL-enabled port (usually 5223). + </para> + + <para> + Please note that this method of establishing a secure connection to the server has long been deprecated. You are encouraged to look at the <emphasis>tls</emphasis> setting instead. </para> </description> </bitlbee-setting> @@ -1484,6 +1488,24 @@ </description> </bitlbee-setting> + <bitlbee-setting name="tls_verify" type="boolean" scope="account"> + <default>true</default> + + <description> + <para> + Currently only available for Jabber connections in combination with the <emphasis>tls</emphasis> setting. Set this to <emphasis>true</emphasis> if you want BitlBee to strictly verify the server's certificate against a list of trusted certificate authorities. + </para> + + <para> + The hostname used in the certificate verification is the value of the <emphasis>server</emphasis> setting if the latter is nonempty and the domain of the username else. If you get a hostname related error when connecting to Google Talk with a username from the gmail.com or googlemail.com domain, please try to empty the <emphasis>server</emphasis> setting. + </para> + + <para> + Please note that no certificate verification is performed when the <emphasis>ssl</emphasis> setting is used, or when the <emphasis>CAfile</emphasis> setting in <emphasis>bitlbee.conf</emphasis> is not set. + </para> + </description> + </bitlbee-setting> + <bitlbee-setting name="to_char" type="string" scope="global"> <default>": "</default> |