- ssl:setVerify(mode)
- mode = ssl:getVerify()
SYNOPSIS
DESCRIPTION
There are three levels of verification against a peer:
- "none"
- Do not require verified identification from a peer. Any peer connection is accepted.
- "optional"
- Optional accept a certificate from a peer. The certificate can be inspected after the connection has been established, but if the peer does not identify, it is still accepted.
- "required"
- The peer must present a certificate. That certificate is verified against the local list of certificate authorities. Only if the certificate validates is the connection accepted.
Call ssl:setMode() with one of the arguments from the list above to set the verification mode. Calling it with any other argument will raise a Lua error.
Query the configured verification mode with ssl:getVerify().
The verify setting must be configured before a SSL connection can be established. Even if no verification is required, this must explicitly be stated.
RETURN VALUE
The function ssl:setVerify() returns nothing.
The query ssl:getVerify() returns nil if the mode has not been configured yet or returns either "none", "optional" or "required" to indicate the configured mode.