Ask Your Question
0

How to turn off certificate checking

asked 2013-07-03 16:55:54 -0600

when using openid I'm getting back the openid is invalid. if I put the openid in a browser I get the openid xml file. If I curl the openid I get a bad certificate error. If I curl -k the open id it works fine. I believe askbot is using libcurl.

Is there a way to -k (turn off certificate checking)?

I'm the server admin so modifying code / files no biggie.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2013-07-03 17:07:20 -0600

Evgeny gravatar image

Askbot is using python openid library, you might need to dig it.

I don't think we should be changing this, as all mainstream openid providers take care of their certificates. It should be the responsibility of the openid provider not us, IMO.

edit flag offensive delete link more

Comments

Yea, changing library's is not my plan for sure. I was hoping for a "allow untrusted certificates" option. I'll live this open so others can leave their opinions.

mattben gravatar imagemattben ( 2013-07-03 17:10:44 -0600 )edit

Maybe the library allows this then you can enable this in your fork of Askbot, we could add a settings.py option. I suspect this will be very rarely used though... Do you need this to support some DIY openid provider?

Evgeny gravatar imageEvgeny ( 2013-07-03 17:14:31 -0600 )edit

Yes, that is the case, some of the nodes in our federation are not good at keeping there certificates up to date. So some nodes openid's work but ones that give a security warning on browsers do not.

mattben gravatar imagemattben ( 2013-07-03 17:17:40 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-07-03 16:55:54 -0600

Seen: 84 times

Last updated: Jul 03 '13