Hi everyone (p2 & ECF) Internally, some (many?) organizations have self-signed certs (for things like their internal build server). If you try to connect to a p2 repository using SSL with a self-signed cert it will fail [1].
[1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=318339 Obviously the default behaviour here is fine, but what would be required if someone wanted to accept a self-signed cert? On HTTPClient 4, you can set the trust store, but I don't think the HTTP Client is accessible from outside ECF. So here are a few questions - Does anybody know of an option (system property) that HttpClient4 will accept to disable trust checking - Is the creation of the HttpClient object extendable such that p2 could create a different HttpClient with different TrustManager (or could this be exposed) - If the first two options are non-starters, would it be possible to add a system property to ECF to disable trust checking (and is this a lot of work)? What do others think? Is this a really bad idea? Are others hitting this problem too or is it just me? Cheers, Ian -- R. Ian Bull | EclipseSource Victoria | +1 250 477 7484 http://eclipsesource.com | http://twitter.com/eclipsesource
_______________________________________________ p2-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/p2-dev
