[
https://issues.apache.org/jira/browse/KNOX-1643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712127#comment-16712127
]
Kevin Risden commented on KNOX-1643:
------------------------------------
This will break cases relying on the cacerts. It turns out that this
implementation will skip loading the default cacerts. (This is an existing
problem with useTwoWaySSL too).
> Default HttpClient should trust gateway certificate
> ---------------------------------------------------
>
> Key: KNOX-1643
> URL: https://issues.apache.org/jira/browse/KNOX-1643
> Project: Apache Knox
> Issue Type: Improvement
> Reporter: Kevin Risden
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.3.0
>
> Attachments: KNOX-1643.patch
>
>
> Currently DefaultHttpClientFactory only trust the gateway certificate when
> useTwoWaySsl is set to true.
> [https://github.com/apache/knox/blob/master/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/DefaultHttpClientFactory.java#L81]
> We should probably trust our own certificate anyway.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
