Page 1 of 1
Force SSL/TLS connection for new certificate.
Posted: Fri Feb 23, 2024 8:24 pm
by tiagocoelho2
Hello.
Is there a profile configuration option that forces the SSL/TLS connection when updating the certificate?
I know there is the /ACCEPTSERVER command line, but I wanted acceptance to be automatic (configured in the profile).
Re: Force SSL/TLS connection for new certificate.
Posted: Fri Feb 23, 2024 10:28 pm
by tobias
Hello,
since the error is "Hostname mismatch", please try to specify the correct hostname (subdomain.domain) from the "Subject" of the certificate in the FTP URL.
If this is not possible, you can force allowing all SSL Certificates by adding this line to the [Main] section in Syncovery.ini:
AcceptAllSSLCertificates=1
Or you can add a PascalScript like the following to the profile, which can accept the certificate with some basic checks:
Code: Select all
function OnVerifyTLSCertificate(const ServerURL,Subject,IssuedTo,IssuedBy,
ValidFrom,ValidTo,SerialNumber,SHA1,StatusText:UnicodeString;
var CertificateOK:Boolean):Boolean;
begin
Result:=true;
CertificateOK:=(Pos('Let''s Encrypt',IssuedBy)>0) and
(StatusText='hostname mismatch');
end;
Re: Force SSL/TLS connection for new certificate.
Posted: Sat Feb 24, 2024 10:01 am
by tiagocoelho2
Thanks.
Solved with PascalScript.
