Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Renegotiate TLS -- allow public access with no cert #96

Open
timbl opened this issue Sep 28, 2018 · 1 comment
Open

Renegotiate TLS -- allow public access with no cert #96

timbl opened this issue Sep 28, 2018 · 1 comment

Comments

@timbl
Copy link
Member

timbl commented Sep 28, 2018

The server currently asks for a certificate even if it is serving a public page. It should (like node-solid-server now) only ask for a cert when a protected page is asked for. It should re-negotiate the TLS connection in that case from no client cert to client cert level.
That fix would prevent the popups which people get whenever a script tries to look up the webid of people on databox.me
_

@timbl
Copy link
Member Author

timbl commented Sep 28, 2018

Possibly the problem was that the golang TLS support was not very well developped at the time, and that might have changed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant