[
https://issues.apache.org/jira/browse/QPID-5960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14087584#comment-14087584
]
Keith Wall commented on QPID-5960:
----------------------------------
Rob said: For convenience for those upgrading from earlier versions, would it
make sense to add a system property to be able to set the global default, in
addition to the existing ability to set at the individual connection level? In
this way those who do not want to have to edit a number of connection URLs
could simply set a system property to restore the previous (broken) behaviour.
> ssl_verify_hostname should default to true rather than false
> ------------------------------------------------------------
>
> Key: QPID-5960
> URL: https://issues.apache.org/jira/browse/QPID-5960
> Project: Qpid
> Issue Type: Improvement
> Components: Java Client
> Reporter: Keith Wall
> Fix For: 0.29
>
>
> The Java Client's connection url option ssl_verify_hostname has traditionally
> defaulted to false meaning that during the SSL negotiation the Java client
> ignores hostname errors. This is weak: by default the client should
> validate the hostname. If users should be forced to turn host name
> verification off if desired.
> I believe this will also bring the behaviour of the Java client in line with
> the CPP client (QPID-5841)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
