Adding a certificate validation option
-
Bypassing cert validation is not recommended for production systems.
I propose adding an option to the settings pagein the form of a path to the cert on the server. This can be done pretty simply without introducing any breaking changes. If a path is entered, phpCAS::setCasServerCACert will be used, otherwise validation will be bypassed using phpCAS::setNoCasServerValidation() like the current default behavior.
This removes the need for the comment that says ‘// if you want to set a cert, replace the above few lines’
Here’s a commit with all of the changes
- The topic ‘Adding a certificate validation option’ is closed to new replies.
