MEN-8351: fix(build): Set default value for secondary CA cert to false + misc #207
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Lluis Campos <[email protected]>
Ticket: MEN-8351 Signed-off-by: Lluis Campos <[email protected]>
The secondary CA cert is really optional, as a custom Mender Server could use the same domain for both API calls and Artifacts storage. Set `MENDER_NET_CA_CERTIFICATE_TAG_SECONDARY_ENABLED` default to `n` and instead select it when selecting hosted Mender option(s). Ticket: MEN-8351 Signed-off-by: Lluis Campos <[email protected]>
lluiscampos
force-pushed
the
MEN-8351-improvements-self-hosted
branch
from
ee4aacf to
092a79f
Compare
lluiscampos
changed the title
vpodzime
approved these changes
May 12, 2025
| @@ -469,7 +469,7 @@ if MENDER_MCU_CLIENT | |||
| range 0 2 | |||
| default 2 | |||
| help | |||
| Peer verification level for TLS connection. | |||
| Peer verification level for TLS connection. For testing purposes, set to 0 to skip TLS peer verify | |||
There was a problem hiding this comment.
IMO we don't really support "optional", because to properly use it we would need to check the handshake result and print a warning or something.
There was a problem hiding this comment.
Right. The help should say it then. And perhaps create a task to make sure 1 is handled gracefully?
danielskinstad
approved these changes
May 12, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The secondary CA cert is really optional, as a custom Mender Server could use the same domain for both API calls and Artifacts storage.
Set
MENDER_NET_CA_CERTIFICATE_TAG_SECONDARY_ENABLEDdefault tonand instead select it when selecting hosted Mender option(s).