[
https://issues.apache.org/jira/browse/GERONIMO-3703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12551169
]
Sangjin Lee commented on GERONIMO-3703:
---------------------------------------
One could add SSLContext to HttpRequestMessage as an optional field. In
FutureListener, we could check the protocol (if it is https), check to see if
the SSL filter is already in the filter chain (to handle a situation where the
session is being reused), and then check the SSLContext off of the
HttpRequestMessage and use it.
The only interesting case is what you want to do if you need an SSLContext and
the caller didn't set it on HttpRequestMessage. Do you then throw a
RuntimeException or do you use a default SSLContext (something like what's
being used currently)? I would think using a default context might not be a
bad idea, but others might differ.
> should allow custom SSL context for AsyncHttpClient
> ---------------------------------------------------
>
> Key: GERONIMO-3703
> URL: https://issues.apache.org/jira/browse/GERONIMO-3703
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Priority: Critical
>
> Currently the SSLContext that's used to do https cannot be configured or
> customized. One needs to be able to create and pass in custom SSLContext to
> be able to use its own cert directory, keystore file, etc.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
