Oliver Lietz created SLING-10965:
------------------------------------
Summary: Support server identity check
Key: SLING-10965
URL: https://issues.apache.org/jira/browse/SLING-10965
Project: Sling
Issue Type: New Feature
Components: Commons
Reporter: Oliver Lietz
Assignee: Oliver Lietz
Fix For: Commons Messaging Mail 2.0.0
??Server Identity Check RFC 2595 specifies addition checks that must be
performed on the server's certificate to ensure that the server you connected
to is the server you intended to connect to. This reduces the risk of "man in
the middle" attacks. For compatibility with earlier releases of Jakarta Mail,
these additional checks are disabled by default. We strongly recommend that you
enable these checks when using SSL. To enable these checks, set the
"mail.<protocol>.ssl.checkserveridentity" property to "true".??
[https://eclipse-ee4j.github.io/mail/docs/SSLNOTES.txt]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
