Hello.
Is there a profile configuration option that forces the SSL/TLS connection when updating the certificate?
I know there is the /ACCEPTSERVER command line, but I wanted acceptance to be automatic (configured in the profile).
Force SSL/TLS connection for new certificate.
-
- Posts: 43
- Joined: Sun Jul 19, 2020 10:25 am
Force SSL/TLS connection for new certificate.
- Attachments
-
- SSLTLS.png (28.86 KiB) Viewed 9095 times
Re: Force SSL/TLS connection for new certificate.
Hello,
since the error is "Hostname mismatch", please try to specify the correct hostname (subdomain.domain) from the "Subject" of the certificate in the FTP URL.
If this is not possible, you can force allowing all SSL Certificates by adding this line to the [Main] section in Syncovery.ini:
AcceptAllSSLCertificates=1
Or you can add a PascalScript like the following to the profile, which can accept the certificate with some basic checks:
since the error is "Hostname mismatch", please try to specify the correct hostname (subdomain.domain) from the "Subject" of the certificate in the FTP URL.
If this is not possible, you can force allowing all SSL Certificates by adding this line to the [Main] section in Syncovery.ini:
AcceptAllSSLCertificates=1
Or you can add a PascalScript like the following to the profile, which can accept the certificate with some basic checks:
Code: Select all
function OnVerifyTLSCertificate(const ServerURL,Subject,IssuedTo,IssuedBy,
ValidFrom,ValidTo,SerialNumber,SHA1,StatusText:UnicodeString;
var CertificateOK:Boolean):Boolean;
begin
Result:=true;
CertificateOK:=(Pos('Let''s Encrypt',IssuedBy)>0) and
(StatusText='hostname mismatch');
end;
-
- Posts: 43
- Joined: Sun Jul 19, 2020 10:25 am
Re: Force SSL/TLS connection for new certificate.
Thanks.
Solved with PascalScript.
Solved with PascalScript.
