|
1782
|
1 #summary Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates
|
|
|
2 #labels Stage-Alpha
|
|
|
3
|
|
|
4 = Introduction =
|
|
|
5
|
|
|
6 Similar to mod_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons.
|
|
|
7
|
|
|
8 The certificate shows the SHA1 hash, so it can easily be used together with mod_s2s_auth_fingerprint.
|
|
|
9
|
|
|
10 = Configuration =
|
|
|
11
|
|
|
12 {{{
|
|
|
13 modules_enabled = {
|
|
|
14 -- other modules --
|
|
|
15 "watchuntrusted",
|
|
|
16
|
|
|
17 }
|
|
|
18
|
|
|
19 untrusted_fail_watchers = { "admin@example.lit" }
|
|
|
20 untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"
|
|
|
21 }}}
|
|
|
22
|
|
|
23 || *Option* || *Default* || *Description* ||
|
|
|
24 || untrusted_fail_watchers || All admins || The users to send the message to ||
|
|
|
25 || untrusted_fail_notification || "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" || The message to send, $from_host, $to_host, $sha1 and $errors are replaced ||
|
|
|
26
|
|
|
27
|
|
|
28 = Compatibility =
|
|
|
29
|
|
|
30 ||trunk||Works|| |
