michael-o commented on a change in pull request #64: WAGON-585 maven.wagon.http.ssl features documentation is incomplete URL: https://github.com/apache/maven-wagon/pull/64#discussion_r399789726
########## File path: wagon-providers/wagon-http/src/site/apt/index.apt ########## @@ -50,11 +50,11 @@ Features Other features can be configured through system properties: - * <<<maven.wagon.http.ssl.insecure>>> = true/false (default false), enable/disable use of relaxed ssl check for user generated certificates. + * <<<maven.wagon.http.ssl.insecure>>> = true/false (default false), enable/disable relaxed check of public key certificates (e.g. self-signed ones). Relaxed check means that any chain with 1 or more certificates will be considered valid if all the certificate dates in the chain are valid (dates check can be overridden as well - see below). Setting it to <<<true>>> also enables usage of the following properties: - * <<<maven.wagon.http.ssl.allowall>>> = true/false (default false), enable/disable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used. + * <<<maven.wagon.http.ssl.allowall>>> = true/false (default false), enable/disable match of the server's X.509 certificate with hostname. If <<<false>>>/unset, a "browser-like check" will be used, which means that the hostname must match either the first CN, or any of the subject-alts. A wildcard can occur in the CN, and in any of the subject-alts. Review comment: rename `subject-alts` either to `SAN` or the full version. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
