[ https://issues.apache.org/jira/browse/CXF-2863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-2863. ------------------------------ Assignee: Daniel Kulp Fix Version/s: 2.2.10 Resolution: Fixed > When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the > 'trustManagers' configuration is not truly ignored > -------------------------------------------------------------------------------------------------------------------- > > Key: CXF-2863 > URL: https://issues.apache.org/jira/browse/CXF-2863 > Project: CXF > Issue Type: Improvement > Components: Transports > Affects Versions: 2.2.9 > Environment: Spring Framework 3.x > Reporter: jdu > Assignee: Daniel Kulp > Priority: Minor > Fix For: 2.2.10 > > > According to documentation when > 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'jsseProvider', > 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', > 'cipherSuites' and 'cipherSuitesFilter' configuration parameters are ignored. > But, invalid 'trustManagers' (missing truststore file for example) leads to > error. > While this parameter has been added to easily disable SSL verification while > being on testing/development phases. > As far as, a valid 'truststore' file need to be provided, the main objective > (easy setup) is not reach. > Expected behavior: when 'useHttpsURLConnectionDefaultSslSocketFactory' is > true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers', > 'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter' > configuration parameters are completely ignored (invalid or incomplete > configuration). > I suggest to fix it in 'TLSClientParametersConfig' by quickly return out of > the function 'createTLSClientParametersFromType' when > "params.isUseHttpsURLConnectionDefaultSslSocketFactory()" is true. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.