Github user robertdale commented on the issue:
https://github.com/apache/tinkerpop/pull/912
Right, when it's security-related, you're given a pass to break anything!
:rage1: :rage2: :rage3: :rage4:
Seriously, the breaking change is only if you relied on the server
generating self-signed certs or if the client accepted all certs. In the server
case, you have to configure SSL correctly. In the client case, you can revert
to previous behavior with a one line change. In both cases, I think they are
trivial enough configuration changes that warrant going back to tp32 to set
things right.
---
