https://bz.apache.org/bugzilla/show_bug.cgi?id=61394
--- Comment #5 from George Stanchev <stanc...@hotmail.com> --- I don't mean to derail the discussion but we implement a trust-all manager thats gets injected from the connector attrobutes: public class AnyCertX509TrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] certs, String auth) {} public void checkServerTrusted(X509Certificate[] certs, String auth) {} public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } In case of OpenSSL setup, would the proposed approach to send the accepted issuers as [0] sized array of certs mean "trust-all" to OpenSSL or "trust-none" -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org