TLS_FORWARD policy should set ca_file by default
if hostname is set in a TLS_FORWARD policy, but ca_file is not set, then gnutls_x509_trust_list_add_system_trust should be used.
Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.
if hostname is set in a TLS_FORWARD policy, but ca_file is not set, then gnutls_x509_trust_list_add_system_trust should be used.