[
https://issues.apache.org/jira/browse/QPID-5960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14088514#comment-14088514
]
ASF subversion and git services commented on QPID-5960:
-------------------------------------------------------
Commit 1616378 from [email protected] in branch 'qpid/trunk'
[ https://svn.apache.org/r1616378 ]
QPID-5960: Turn on SSL host name verification by default
> ssl_verify_hostname should default to true rather than false
> ------------------------------------------------------------
>
> Key: QPID-5960
> URL: https://issues.apache.org/jira/browse/QPID-5960
> Project: Qpid
> Issue Type: Improvement
> Components: Java Client
> Reporter: Keith Wall
> Assignee: Alex Rudyy
> Fix For: 0.29
>
>
> The Java Client's connection url option ssl_verify_hostname has traditionally
> defaulted to false meaning that during the SSL negotiation the Java client
> ignores hostname errors. This is weak: by default the client should
> validate the hostname. If users should be forced to turn host name
> verification off if desired.
> I believe this will also bring the behaviour of the Java client in line with
> the CPP client (QPID-5841)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
