#1031 In prosodyctl check, disable s2s cert validation when s2s is disabled
Reporter
Link Mauve
Owner
Nobody
Created
Updated
Stars
★ (1)
Tags
Milestone-0.11
Status-Fixed
Priority-Medium
Type-Enhancement
Link Mauve
on
Description of feature:
When running `prosodyctl check`, at the “Checking certificates...” step, every VirtualHost and Component sections are checked, but things like proxy65 which don’t need any kind of s2s and for which I disable it with modules_disabled = { "s2s" } are still checked, for example:
Checking certificate for proxy.linkmauve.fr
Certificate: /etc/prosody/certs/linkmauve.fr.crt
Not valid for server-to-server connections to proxy.linkmauve.fr.
Motivation: (Why?)
It would make it easier to see actual errors not to have false positives.
Zash
on
Agreed. It should check hosts where mod_c2s or mod_s2s is enabled.
Description of feature: When running `prosodyctl check`, at the “Checking certificates...” step, every VirtualHost and Component sections are checked, but things like proxy65 which don’t need any kind of s2s and for which I disable it with modules_disabled = { "s2s" } are still checked, for example: Checking certificate for proxy.linkmauve.fr Certificate: /etc/prosody/certs/linkmauve.fr.crt Not valid for server-to-server connections to proxy.linkmauve.fr. Motivation: (Why?) It would make it easier to see actual errors not to have false positives.
Agreed. It should check hosts where mod_c2s or mod_s2s is enabled.
ChangesHere is a patch: https://prosody.im/pastebin/786cf872-450f-4b4c-acac-b14015fbe49f
Thanks https://hg.prosody.im/trunk/rev/ddd98e262519
Changes