summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/src/tls-openssl.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 9aa655e82..c23ac031f 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1872,7 +1872,9 @@ if (expciphers != NULL)
#ifdef EXPERIMENTAL_DANE
if (tlsa_dnsa)
{
- SSL_CTX_set_verify(client_ctx, SSL_VERIFY_PEER, verify_callback_client_dane);
+ SSL_CTX_set_verify(client_ctx,
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback_client_dane);
if (!DANESSL_library_init())
return tls_error(US"library init", host, NULL);
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 06:34:57 +0000