[
https://issues.apache.org/jira/browse/GERONIMO-3703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12551589
]
Sangjin Lee commented on GERONIMO-3703:
---------------------------------------
It should be OK, because sessions are reused for the specific host and port.
The only case where it might get interesting is TLS where the same socket can
be used both for http and https. However, I think the SSL filter is then
constructed with TLS and the underlying SSLSocketFactory and SSLEngine would be
TLS aware. So I suspect it would be OK.
We might need to develop unit tests around TLS to test it vigorously in general.
> should allow custom SSL context for AsyncHttpClient
> ---------------------------------------------------
>
> Key: GERONIMO-3703
> URL: https://issues.apache.org/jira/browse/GERONIMO-3703
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Priority: Critical
> Attachments: 3703.patch
>
>
> Currently the SSLContext that's used to do https cannot be configured or
> customized. One needs to be able to create and pass in custom SSLContext to
> be able to use its own cert directory, keystore file, etc.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
