[
https://issues.apache.org/jira/browse/CXF-2863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-2863.
------------------------------
Assignee: Daniel Kulp
Fix Version/s: 2.2.10
Resolution: Fixed
> When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the
> 'trustManagers' configuration is not truly ignored
> --------------------------------------------------------------------------------------------------------------------
>
> Key: CXF-2863
> URL: https://issues.apache.org/jira/browse/CXF-2863
> Project: CXF
> Issue Type: Improvement
> Components: Transports
> Affects Versions: 2.2.9
> Environment: Spring Framework 3.x
> Reporter: jdu
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.2.10
>
>
> According to documentation when
> 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'jsseProvider',
> 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom',
> 'cipherSuites' and 'cipherSuitesFilter' configuration parameters are ignored.
> But, invalid 'trustManagers' (missing truststore file for example) leads to
> error.
> While this parameter has been added to easily disable SSL verification while
> being on testing/development phases.
> As far as, a valid 'truststore' file need to be provided, the main objective
> (easy setup) is not reach.
> Expected behavior: when 'useHttpsURLConnectionDefaultSslSocketFactory' is
> true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers',
> 'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter'
> configuration parameters are completely ignored (invalid or incomplete
> configuration).
> I suggest to fix it in 'TLSClientParametersConfig' by quickly return out of
> the function 'createTLSClientParametersFromType' when
> "params.isUseHttpsURLConnectionDefaultSslSocketFactory()" is true.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
