Marcelo Vanzin created SPARK-23538: -------------------------------------- Summary: Simplify SSL configuration for https client Key: SPARK-23538 URL: https://issues.apache.org/jira/browse/SPARK-23538 Project: Spark Issue Type: Improvement Components: Spark Core Affects Versions: 2.4.0 Reporter: Marcelo Vanzin
There's code in {{SecurityManager}} that is used to configure SSL for the code that downloads dependencies from https servers: {code} // SSL configuration for the file server. This is used by Utils.setupSecureURLConnection(). val fileServerSSLOptions = getSSLOptions("fs") val (sslSocketFactory, hostnameVerifier) = if (fileServerSSLOptions.enabled) { ... {code} It was added for an old feature that doesn't exist anymore (the "file server" referenced in the comment), but can still be used to configure the built-in JRE SSL code with a custom trust store, for example. We should instead: - move this code out of SecurityManager, and place it where it's actually used ({{Utils.setupSecureURLConnection}}. - remove the dummy trust manager / host verifier since they don't make a lot of sense for the client code (and only made slightly more sense for the file server case). -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org