--- loncom/LondConnection.pm	2004/06/17 10:15:46	1.32
+++ loncom/LondConnection.pm	2004/06/17 11:02:25	1.33
@@ -1,7 +1,7 @@
 #   This module defines and implements a class that represents
 #   a connection to a lond daemon.
 #
-# $Id: LondConnection.pm,v 1.32 2004/06/17 10:15:46 foxr Exp $
+# $Id: LondConnection.pm,v 1.33 2004/06/17 11:02:25 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -259,8 +259,8 @@ sub new {
 	return undef;		# Inidicates the socket could not be made.
     }
     my $socket = $self->{Socket}; # For local use only.
-    #  If we are local, we'll first try local auth mode, otherwise, we'll try the 
-    #  ssl auth mode:
+    #  If we are local, we'll first try local auth mode, otherwise, we'll try
+    #  the ssl auth mode:
 
     Debug(8, "Connecting to $DnsName I am $LocalDns");
     my $key;
@@ -290,10 +290,29 @@ sub new {
 	    return undef;
 	}
 
-    } 
+    }
     else {
-	$self->{AuthenticationMode} = "ssl";
-	$self->{TransactionRequest} = "init:ssl\n";
+	#  Remote peer:  I'd like to do ssl, but if my host key or certificates
+	#  are not all installed, my only choice is insecure, if that's 
+	#  allowed:
+
+	my ($ca, $cert) = lonssl::CertificateFile;
+	my $sslkeyfile  = lonssl::KeyFile;
+
+	if((defined $ca)  && (defined $cert) && (defined $sslkeyfile)) {
+
+	    $self->{AuthenticationMode} = "ssl";
+	    $self->{TransactionRequest} = "init:ssl\n";
+	} else {
+	    if($InsecureOk) {		# Allowed to do insecure:
+		$self->{AuthenticationMode} = "insecure";
+		$self->{TransactionRequest} = "init\n";
+	    }
+	    else {		# Not allowed to do insecure...
+		$socket->close;
+		return undef;
+	    }
+	}
     }
 
     #