Hi there, We're evaluating the usage of akka-http for one of our projects.
I see a warning message on the top of http://doc.akka.io/docs/akka-http/10.0.0/scala/http/client-side/client-https-support.html stating the following: Warning Akka HTTP 1.0 does not completely validate certificates when using HTTPS. Please do not treat HTTPS connections made with this version as secure. Requests are vulnerable to a Man-In-The-Middle attack via certificate substitution. I'm wondering what the devs are planning to do to patch this issue and when the fix is expected. Also, it would be helpful if there'd be a link to the open issue, so users can track the status of the fix. Thanks, Ferenc -- This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.digitalasset.com/emaildisclaimer.html. If you are not the intended recipient, please delete this message. -- >>>>>>>>>> Read the docs: http://akka.io/docs/ >>>>>>>>>> Check the FAQ: >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user --- You received this message because you are subscribed to the Google Groups "Akka User List" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/akka-user. For more options, visit https://groups.google.com/d/optout.
