Support for fail_if_no_peer_cert SSL server option. #34

wants to merge 2 commits into


None yet

2 participants

0x00F6 commented Feb 11, 2013

SSL option verify alone does not gives full security. Client could send empty certificate and happily access your inner API.

@0x00F6 0x00F6 Update src/ranch_ssl.erl
Support for fail_if_no_peer_cert SSL server option.
essen commented Feb 11, 2013

Options in alphabetical order please.

0x00F6 commented Feb 12, 2013

OK, I'll do.
But, in the first place, is ranch:filter_options really needed in ranch_ssl:listen?
Why not pass all Opts directly to ssl:listen?
All ssl server options are well known and documented:
When passing unsupported option programmer will get nice and clear exception exit: badarg.
Is there ssl server option undesirable/unsupported by ranch?

essen commented Feb 14, 2013

Please squash the commits into one and I will merge it.

@0x00F6 0x00F6 closed this Feb 18, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment