summary refs log tree commit diff
path: root/synapse/config/tls.py
diff options
context:
space:
mode:
authorJeroen <vo.jeroen@gmail.com>2018-06-26 20:41:05 +0200
committerJeroen <vo.jeroen@gmail.com>2018-06-26 20:41:05 +0200
commitb7f34ee348c9f064d98922dfdbe24a3cf18ca00a (patch)
treea9fa7d4f11cd231f39fd4e6e146b56e7f2afc183 /synapse/config/tls.py
parentformatting changes for pep8 (diff)
downloadsynapse-b7f34ee348c9f064d98922dfdbe24a3cf18ca00a.tar.xz
allow self-signed certificates
Diffstat (limited to 'synapse/config/tls.py')
-rw-r--r--synapse/config/tls.py11
1 files changed, 0 insertions, 11 deletions
diff --git a/synapse/config/tls.py b/synapse/config/tls.py
index b09dc986ab..b66154bc7c 100644
--- a/synapse/config/tls.py
+++ b/synapse/config/tls.py
@@ -47,10 +47,6 @@ class TlsConfig(Config):
 
         self.tls_fingerprints = config["tls_fingerprints"]
 
-        self.tls_ignore_certificate_validation = config.get(
-            "tls_ignore_certificate_validation", False
-        )
-
         # Check that our own certificate is included in the list of fingerprints
         # and include it if it is not.
         x509_certificate_bytes = crypto.dump_certificate(
@@ -77,8 +73,6 @@ class TlsConfig(Config):
         tls_private_key_path = base_key_name + ".tls.key"
         tls_dh_params_path = base_key_name + ".tls.dh"
 
-        tls_ignore_certificate_validation = False
-
         return """\
         # PEM encoded X509 certificate for TLS.
         # You can replace the self-signed certificate that synapse
@@ -123,11 +117,6 @@ class TlsConfig(Config):
         #
         tls_fingerprints: []
         # tls_fingerprints: [{"sha256": "<base64_encoded_sha256_fingerprint>"}]
-
-        # Ignore certificate validation for TLS client connections to other
-        # homeservers using federation. Don't enable this in a production
-        # environment, unless you know what you are doing!
-        tls_ignore_certificate_validation: %(tls_ignore_certificate_validation)s
         """ % locals()
 
     def read_tls_certificate(self, cert_path):