Daniil Kirilyuk created QPID-8689:
-------------------------------------
Summary: [Broker-J] Remove switch for ignoring SNI host errors
Key: QPID-8689
URL: https://issues.apache.org/jira/browse/QPID-8689
Project: Qpid
Issue Type: Improvement
Components: Broker-J
Affects Versions: qpid-java-broker-9.2.1
Reporter: Daniil Kirilyuk
Fix For: qpid-java-broker-10.0.0
QPID-8535 introduced a context variable "qpid.port.amqp.ignoreInvalidSni" to
bypass SNIhostname errors (e.g. when VH name contains an underscore) and
proceed with SSL handshake would allow the client to continue broker with SSL
handshake even when SNI is incorrect.
As Broker-J will be migrated to Java 17, in this java version an invalid SNI
hostname will disallow client to establish TLS connection with the broker and
the context variable will take no more effect (see -QPID-8587- for details).
Context variable "qpid.port.amqp.ignoreInvalidSni" and associated logic should
be deleted.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
