equal
deleted
inserted
replaced
|
1 --- |
|
2 labels: |
|
3 - 'Stage-Alpha' |
|
4 summary: | |
|
5 Warn admins about outgoing s2s connections that are refused due to |
|
6 invalid or untrusted certificates |
|
7 ... |
|
8 |
|
9 Introduction |
|
10 ============ |
|
11 |
|
12 Similar to mod\_watchregistrations, this module warns admins when an s2s |
|
13 connection fails due for encryption or trust reasons. |
|
14 |
|
15 The certificate shows the SHA1 hash, so it can easily be used together |
|
16 with mod\_s2s\_auth\_fingerprint. |
|
17 |
|
18 Configuration |
|
19 ============= |
|
20 |
|
21 modules_enabled = { |
|
22 -- other modules -- |
|
23 "watchuntrusted", |
|
24 |
|
25 } |
|
26 |
|
27 untrusted_fail_watchers = { "admin@example.lit" } |
|
28 untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" |
|
29 |
|
30 Option Default Description |
|
31 ------------------------------- --------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------------- |
|
32 untrusted\_fail\_watchers All admins The users to send the message to |
|
33 untrusted\_fail\_notification "Establishing a secure connection from \$from\_host to \$to\_host failed. Certificate hash: \$sha1. \$errors" The message to send, \$from\_host, \$to\_host, \$sha1 and \$errors are replaced |
|
34 |
|
35 Compatibility |
|
36 ============= |
|
37 |
|
38 ------- ------- |
|
39 trunk Works |
|
40 ------- ------- |