Syncovery Support Forum

A forum for all questions and requests concerning Syncovery
https://www.syncovery.com/forum/

Force SSL/TLS connection for new certificate.

https://www.syncovery.com/forum/viewtopic.php?t=839

Page 1 of 1

Force SSL/TLS connection for new certificate.

Posted: Fri Feb 23, 2024 8:24 pm
by tiagocoelho2
Hello.
Is there a profile configuration option that forces the SSL/TLS connection when updating the certificate?
I know there is the /ACCEPTSERVER command line, but I wanted acceptance to be automatic (configured in the profile).

Re: Force SSL/TLS connection for new certificate.

Posted: Fri Feb 23, 2024 10:28 pm
by tobias
Hello,
since the error is "Hostname mismatch", please try to specify the correct hostname (subdomain.domain) from the "Subject" of the certificate in the FTP URL.

If this is not possible, you can force allowing all SSL Certificates by adding this line to the [Main] section in Syncovery.ini:

AcceptAllSSLCertificates=1

Or you can add a PascalScript like the following to the profile, which can accept the certificate with some basic checks:

Code: Select all

function OnVerifyTLSCertificate(const ServerURL,Subject,IssuedTo,IssuedBy,
            ValidFrom,ValidTo,SerialNumber,SHA1,StatusText:UnicodeString;
            var CertificateOK:Boolean):Boolean;
begin
   Result:=true;
   CertificateOK:=(Pos('Let''s Encrypt',IssuedBy)>0) and
                          (StatusText='hostname mismatch');
   end;

Re: Force SSL/TLS connection for new certificate.

Posted: Sat Feb 24, 2024 10:01 am
by tiagocoelho2
Thanks.

Solved with PascalScript. ;)

Re: Force SSL/TLS connection for new certificate.

Posted: Mon Jan 19, 2026 11:13 am
by tomtom
Hello!

Sorry for bringing up this old thread, but i have a similar problem with certificates.
Everytime the server issues a new certificate i need to manually run the profile and accept the certificate.

So i tried the "AcceptAllSSLCertificates=1" option as stated by tobias and restarted the Service but still same problem.
Im running a rather old version (8.42), does this version even recognize "AcceptAllSSLCertificates" ?

Re: Force SSL/TLS connection for new certificate.

Posted: Mon Jan 19, 2026 11:29 am
by tobias
Hello,
version 8.40 doesn't recognize it, but the last free update version 8.70 does know the AcceptAllSSLCertificates option in Syncovery.ini. You can just install it over the existing version. The download is still available in our additional downloads page.

Newer Syncovery versions are able to recognize most valid TLS certificates automatically. In that case you don't need the switch in Syncovery.ini. It's possible that version 8.70 fixes your problem even without the switch.

You may also be interested in ordering an upgrade to Syncovery 11, which is much improved! Read more about it here:
www.syncovery.com/syncovery11/

The upgrade site is:
www.syncovery.com/upgrade/

Here's an article with our latest developments, including the Syncovery 11 announcement:
www.syncovery.com/documentation/news/la ... elopments/

And here's some news about the previous Syncovery versions 8, 9 and 10:
www.syncovery.com/syncovery10/

www.syncovery.com/syncovery9/

Re: Force SSL/TLS connection for new certificate.

Posted: Mon Jan 19, 2026 12:33 pm
by tomtom
Hello,
thanks for the fast answer!

I installed the 8.70 Update and will be waiting for next certificate swap in two month. :D
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited