[Bug 61394] NIO/NIO2 + OpenSSL renegotiation doesn't send list of CAs to user agent

bugzilla Wed, 09 Aug 2017 08:27:37 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=61394


--- Comment #5 from George Stanchev <stanc...@hotmail.com> ---
I don't mean to derail the discussion but we implement a trust-all manager
thats gets injected from the connector attrobutes:

public class AnyCertX509TrustManager implements X509TrustManager {
    public void checkClientTrusted(X509Certificate[] certs, String auth) {}
    public void checkServerTrusted(X509Certificate[] certs, String auth) {}
    public X509Certificate[] getAcceptedIssuers() { return new
X509Certificate[0]; }
}

In case of OpenSSL setup, would the proposed approach to send the accepted
issuers as [0] sized array of certs mean "trust-all" to OpenSSL or "trust-none"

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 61394] NIO/NIO2 + OpenSSL renegotiation doesn't send list of CAs to user agent

Reply via email to