A few issues on HTTP/S:
First, I submitted https://issues.apache.org/jira/browse/CXF-514. We should allow clients to run with only a truststore, as client authentication is not mandatory, in SSL.
Would folks be amenable to making the default keystore type in the HTTPs transport JKS? This seems a bit more amenable to most Java users -- I was surprised to see that PKCS#12 is the default. It also seems a bit counterintuitive that the default truststore type is JKS, whereas for "personal" keystores (i.e., keystores that ostensibly contain private keys), it's PKCS12. Anyone know why?
Also, I don't see support for a truststore password -- we want this, I think, if it's not already there.
Thanks, -Fred
