Crypto setting defaults
#1412
Replies: 1 comment
-
|
I did get into this same confusion myself, using CLI on Windows. I have submitted a pull request for updating the Command Line wiki page to match v2.4.0 behaviour: debauchee/barrier-wiki#8. The Fingerprint Trust toubleshooting site does also need an update (this is not part of the pull request). |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I just upgraded to v2.4.0 (thank you for all the bug/feature improvements, btw :) ). I initially had some problems because of the new default of enabling the crypto features. The biggest trouble surrounded the differences in defaults used in the GUI versus the CLI. Both of them enable crypto by default, but the GUI enables the deprecated option "--disable-client-cert-checking", whereas the CLI does not.
Additionally, if client cert checking is enabled, it looks for a file at ~/.local/share/barrier/SSL/Fingerprints/TrustedClients.txt, which is not populated automatically, and doesn't have any documentation around it as to what is supposed to be inside that file, so at the moment, I have no choice but to pass the same deprecated "--disable-client-cert-checking" flag that the GUI does (I use a systemd user service to launch my barriers process).
Would it be helpful to have a bug report to track either the lack of this default option on the CLI or the lack of documentation about the TrustedClients.txt file?
Beta Was this translation helpful? Give feedback.
All reactions