Bug #34250
Updated by Leos Stejskal almost 3 years ago
*Steps to Reproduce:*
1. Go to Hosts > Register Host
2. Click on the "?" next to the "Insecure" check box
*Actual results:*
"If the target machine does not trust the host SSL certificate, the initial connection could be subject to Man in the middle attack. If you accept the risk and do not require the server authenticity to be verified, you can enable insecure argument for the initial curl. Note that all subsequent communication is then properly secured, because the initial request deploys the SSL certificate for the rest of the registration process."
*Expected results:*
"If the target machine does not trust the host SSL certificate, the initial connection could be subject to a man-in-the-middle attack. If you accept the risk and do not require the server authenticity to be verified, you can enable insecure argument for the initial curl. Note that all subsequent communication is then properly secured, because the initial request deploys the SSL certificate for the rest of the registration process."
Additional notes:
I just added "a man-in-the-middle attack" to make the text more readable and consistent.