view mod_watchuntrusted/README.wiki @ 1792:8e19b943c2cd

mod_isolate_host: Bump event hook priorities to make sure they are above the core plugins
author Kim Alvefur <zash@zash.se>
date Wed, 26 Aug 2015 18:04:55 +0200
parents 29f3d6b7ad16
children
line wrap: on
line source

#summary Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates
#labels Stage-Alpha

= Introduction =

Similar to mod_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons.

The certificate shows the SHA1 hash, so it can easily be used together with mod_s2s_auth_fingerprint.

= Configuration =

{{{
modules_enabled = {
	-- other modules --
	"watchuntrusted",

}

untrusted_fail_watchers = { "admin@example.lit" }
untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"
}}}

|| *Option*                          || *Default* || *Description* ||
|| untrusted_fail_watchers || All admins      || The users to send the message to ||
|| untrusted_fail_notification         || "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"      || The message to send, $from_host, $to_host, $sha1 and $errors are replaced  ||


= Compatibility =

||trunk||Works||