I'm looking for how SSL hostname verification can turned off and on in Solr and I have been confused by the startup parameter:
-Dsolr.ssl.checkPeerName=false. >From what I can see this parameter sets the value for: HttpClientUtil. SYS_PROP_CHECK_PEER_NAME. This property appears to only be used in the test framework though, specifically in the: SSLTestConfig So it appears that -Dsolr.ssl.checkPeerName=false has no effect on a running Solr instance. But the documentation says the following: "If you created your SSL key without all DNS names/IP addresses on which Solr nodes will run, you can tell Solr to skip hostname verification for inter-Solr-node communications by setting the solr.ssl.checkPeerName system property to false" So the documentation appears to be incorrect. This brings up two questions: Does anyone know if there is a way to turn off and on SSL hostname verification in Solr? Does anyone know what the default behavior for SSL hostname verification is in Solr? Joel Bernstein http://joelsolr.blogspot.com/
