Keith Wall created QPID-5960:
--------------------------------
Summary: ssl_verify_hostname should default to true rather than
false
Key: QPID-5960
URL: https://issues.apache.org/jira/browse/QPID-5960
Project: Qpid
Issue Type: Improvement
Components: Java Client
Reporter: Keith Wall
Fix For: 0.29
The Java Client's connection url option ssl_verify_hostname has traditionally
defaulted to false meaning that during the SSL negotiation the Java client
ignores hostname errors. This is weak: by default the client should validate
the hostname. If users should be forced to turn host name verification off if
desired.
I believe this will also bring the behaviour of the Java client in line with
the CPP client (QPID-5841)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
