1786
|
1 |
#summary Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates |
|
2 |
#labels Stage-Alpha |
|
3 |
|
|
4 |
= Introduction = |
|
5 |
|
|
6 |
Similar to mod_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons. |
|
7 |
|
|
8 |
The certificate shows the SHA1 hash, so it can easily be used together with mod_s2s_auth_fingerprint. |
|
9 |
|
|
10 |
= Configuration = |
|
11 |
|
|
12 |
{{{ |
|
13 |
modules_enabled = { |
|
14 |
-- other modules -- |
|
15 |
"watchuntrusted", |
|
16 |
|
|
17 |
} |
|
18 |
|
|
19 |
untrusted_fail_watchers = { "admin@example.lit" } |
|
20 |
untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" |
|
21 |
}}} |
|
22 |
|
|
23 |
|| *Option* || *Default* || *Description* || |
|
24 |
|| untrusted_fail_watchers || All admins || The users to send the message to || |
|
25 |
|| untrusted_fail_notification || "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" || The message to send, $from_host, $to_host, $sha1 and $errors are replaced || |
|
26 |
|
|
27 |
|
|
28 |
= Compatibility = |
|
29 |
|
|
30 |
||trunk||Works|| |