Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
ncat server with self-signed certificate accepts connections from ncat client without cetificate #1898
When starting a ncat server with self-signed certificate i was still able to connect to the server as a ncat client without using the certificate. The command to start the server:
ncat --listen --ssl --ssl-cert ca-crt.pem --ssl-key ca.key -vv --broker -p 4001
The command for the client:
ncat --ssl -vvv (hostname) 4001
The response i got back had the line:
Ncat: Certificate verification failed (self signed certificate).
But the connection was still created and i was able to send commands to another device that was also connected to the server.
I tried also running the server command without the first --ssl but that didn't work as well.
I couldn't find anywhere any examples for working with a ncat server with a self-signed certificate.
You are probably commingling different things. Originally you reported the following issue:
This is to be expected. By default the client produces the above-noted warning but proceeds with the connection anyway. If you do not want ncat to make this connection unless the server certificate is validated then you should be using the two options I mentioned. The first one is forcing the client to validate the server certificate and the second one is specifying which authorities are considered trusted.
If you are instead trying to achieve something else then please rephrase the issue.
You are right, the 'Certificate verification failed' line is irrelevant here.