[
https://issues.apache.org/jira/browse/CONNECTORS-579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13530202#comment-13530202
]
Karl Wright commented on CONNECTORS-579:
----------------------------------------
Ok.
I looked in the httpcomponents code. The basic logic has it fetching the peer
certificates and then deciding not to verify them (because we're ignoring cert
problems). Unfortunately, in the run-up to not verifying the connection, the
following line is executed:
{code}
Certificate[] certs = session.getPeerCertificates();
{code}
It is this like that is throwing the exception that is aborting the connection.
So it looks like I will need to develop a patch for this oversight for
httpcomponents. The earliest I can do that is this evening, so for now we need
to put the RSS connector changes on hold. Maybe instead we can make more
progress with Livelink.
> RSS connector: Add untrusted, unverified SSL support
> ----------------------------------------------------
>
> Key: CONNECTORS-579
> URL: https://issues.apache.org/jira/browse/CONNECTORS-579
> Project: ManifoldCF
> Issue Type: Improvement
> Components: RSS connector
> Affects Versions: ManifoldCF 1.1
> Reporter: Karl Wright
> Assignee: Karl Wright
> Fix For: ManifoldCF 1.1
>
>
> The RSS has never needed SSL support before. But there are some sites that
> serve up everything through SSL. There's no need for host verification etc,
> but a simple "allow everything" approach might well be useful.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
