When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the
'trustManagers' configuration is not truly ignored
--------------------------------------------------------------------------------------------------------------------
Key: CXF-2863
URL: https://issues.apache.org/jira/browse/CXF-2863
Project: CXF
Issue Type: Improvement
Components: Transports
Affects Versions: 2.2.9
Environment: Spring Framework 3.x
Reporter: jdu
Priority: Minor
According to documentation when 'useHttpsURLConnectionDefaultSslSocketFactory'
is true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers',
'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter'
configuration parameters are ignored.
But, invalid 'trustManagers' (missing truststore file for example) leads to
error.
While this parameter has been added to easily disable SSL verification while
being on testing/development phases.
As far as, a valid 'truststore' file need to be provided, the main objective
(easy setup) is not reach.
Expected behavior: when 'useHttpsURLConnectionDefaultSslSocketFactory' is
true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers',
'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter'
configuration parameters are completely ignored (invalid or incomplete
configuration).
I suggest to fix it in 'TLSClientParametersConfig' by quickly return out of the
function 'createTLSClientParametersFromType' when
"params.isUseHttpsURLConnectionDefaultSslSocketFactory()" is true.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
