MEDIUM: httpclient: re-enable the verify by default Since the httpclient verify now has a fallback which disable the SSL in the httpclient without exiting haproxy at startup, we can safely re-enable it by default. It could still be disabled with "httpclient-ssl-verify none".

commit: f1344b3cee9c190f0cf4081b72e0544c47f3eb11 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.org> Tue Apr 26 12:00:06 2022 +0200
committer: William Lallemand <wlallemand@haproxy.org> Tue Apr 26 16:15:23 2022 +0200
tree: 64774d5b9e9e892284620a6e67904a830a270c3d
parent: 4cfbf3c014cf013542533d46b21ccc518ad8866c [diff]
diff --git a/src/http_client.c b/src/http_client.c
index 52255be..69add1a 100644
--- a/src/http_client.c
+++ b/src/http_client.c

@@ -41,7 +41,7 @@
 static struct server *httpclient_srv_raw;
 #ifdef USE_OPENSSL
 static struct server *httpclient_srv_ssl;
-static int httpclient_ssl_verify = SSL_SOCK_VERIFY_NONE;
+static int httpclient_ssl_verify = SSL_SOCK_VERIFY_REQUIRED;
 #endif
 static struct applet httpclient_applet;
commit	f1344b3cee9c190f0cf4081b72e0544c47f3eb11	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.org>	Tue Apr 26 12:00:06 2022 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Tue Apr 26 16:15:23 2022 +0200
tree	64774d5b9e9e892284620a6e67904a830a270c3d
parent	4cfbf3c014cf013542533d46b21ccc518ad8866c [diff]