risdenk commented on code in PR #585:
URL: https://github.com/apache/solr/pull/585#discussion_r1002848486
##########
solr/core/src/java/org/apache/solr/client/solrj/embedded/JettySolrRunner.java:
##########
@@ -304,7 +304,11 @@ private void init(int port) {
ServerConnector connector;
if (sslcontext != null) {
configuration.setSecureScheme("https");
- configuration.addCustomizer(new SecureRequestCustomizer());
+ SecureRequestCustomizer customizer = new
SecureRequestCustomizer(false);
+ sslcontext.setSniRequired(false);
+ customizer.setSniHostCheck(false);
Review Comment:
SNI is server name indication and as far as I've seen only ever required if
you have multiple websites behind a single server - and the server needs to
figure out which website for which TLS certificate. Basically the ability to
host multiple sites with multiple TLS certificates.
JettySolrRunner either in tests or as an embedded server doesn't need to
support SNI so makes SNI not required and doesn't do the SNI check.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
