Query - Client 4.4.7 - Mandatory use of SSLCAFile

I have set up a basic, self-signed SSL connection between my clients and the VirtualHere server.

The clients are Win10 x64 (v4.4.7), the server is Linux x64 (v3.5.8).

The SSL instructions currently state,

"If you want the client to verify the server certificate ... add the parameter SSLCAFile=/path/to/ca.pem under the [General] section of the client vhui.ini ... If you do not add this parameter, then the server certificate will not be verified, but the SSL connection will continue."

With client 4.4.6 I could connect and "System Messages" would show:

INFO :Warning ssl self signed certificate detected

With client 4.4.7 the connection could not be made and "System Messages" showed:

INFO :You must specify the SSLCAFile in the settings when connecting to xxxxxxxx.xxx:7574

Of course I solved this by adding the correct SSLCAFile=/path/to/ca.pem to vhui.ini

(I also found that for Windows clients the path is in the format: SSLCAFile=C:\\path\\to\\ca.pem)

However I just wondered if this change to a mandatory requirement for the client to verify the server certificate was intentional?

#2

Yes, that feature seems to be required now (im using a new ssl library) so i updated the ssl setup page