[
https://issues.apache.org/jira/browse/QPID-5960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Rudyy updated QPID-5960:
-----------------------------
Status: Reviewable (was: In Progress)
> ssl_verify_hostname should default to true rather than false
> ------------------------------------------------------------
>
> Key: QPID-5960
> URL: https://issues.apache.org/jira/browse/QPID-5960
> Project: Qpid
> Issue Type: Improvement
> Components: Java Client
> Reporter: Keith Wall
> Assignee: Keith Wall
> Fix For: 0.29
>
>
> The Java Client's connection url option ssl_verify_hostname has traditionally
> defaulted to false meaning that during the SSL negotiation the Java client
> ignores hostname errors. This is weak: by default the client should
> validate the hostname. If users should be forced to turn host name
> verification off if desired.
> I believe this will also bring the behaviour of the Java client in line with
> the CPP client (QPID-5841)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
