[ https://issues.apache.org/jira/browse/JCR-4536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17151187#comment-17151187 ]
Julian Reschke commented on JCR-4536: ------------------------------------- - At the end of the day, this needs to be triggered somewhere by config (or am I wrong here?). Once it is turned off, the user will have an insecure client and might not know it. - See JCR-4574, which has an incomplete patch. - For now I'd like to capture the discussion here (JCR is officially in SVN, not Github). We can use the PR when we discuss details. > Feature/enable insecure https host > ---------------------------------- > > Key: JCR-4536 > URL: https://issues.apache.org/jira/browse/JCR-4536 > Project: Jackrabbit Content Repository > Issue Type: Improvement > Components: jackrabbit-spi2dav > Reporter: Max Barrass > Assignee: Konrad Windszus > Priority: Major > > Adding support for insecure parameter to allow access to https with invalid > certs. > Enabling optional support for expired ssl certs when using https on > development server with self generated certificates. > Pull request already created and ready for review > [https://github.com/apache/jackrabbit/pull/88] -- This message was sent by Atlassian Jira (v8.3.4#803005)