[
https://issues.apache.org/jira/browse/KNOX-1643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16711941#comment-16711941
]
Kevin Risden commented on KNOX-1643:
------------------------------------
Attached a patch that moves the SSLSocketFactory creation to its own method.
Removed the useTwoWaySsl check so this is always enabled.
This should avoid cases where the behavior is different with and without two
way ssl.
> Default HttpClient should trust gateway certificate
> ---------------------------------------------------
>
> Key: KNOX-1643
> URL: https://issues.apache.org/jira/browse/KNOX-1643
> Project: Apache Knox
> Issue Type: Improvement
> Reporter: Kevin Risden
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.3.0
>
> Attachments: KNOX-1643.patch
>
>
> Currently DefaultHttpClientFactory only trust the gateway certificate when
> useTwoWaySsl is set to true.
> [https://github.com/apache/knox/blob/master/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/DefaultHttpClientFactory.java#L81]
> We should probably trust our own certificate anyway.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
