[jira] [Updated] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[ https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated LOG4NET-315: --- Fix Version/s: (was: 1.2 Maintenance Release) 1.2.12 SmtpAppender - Add support for ignoring certificate errors -- Key: LOG4NET-315 URL: https://issues.apache.org/jira/browse/LOG4NET-315 Project: Log4net Issue Type: Improvement Components: Appenders Affects Versions: 1.2.11 Reporter: Jim Scott Priority: Minor Fix For: 1.2.12 Original Estimate: 2h Remaining Estimate: 2h As of 1.2.11 the SmtpAppender now has support for enabling smtp connections to use SSL. It is pretty common to have an SMTP server that is using a Self-Signed certificate which will fail the certificate validation. While you can override the certificate error on an application level to overcome this you might want to limit the ignoring of the certificate error just to the appender. Proposed Changes Add property that allows one to indicate they wish to ignore certificate failures. DisableCertificateValidation Add a line like this to SendBuffer method ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate); Then create a call back method like so private bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors policyErrors) { if(DisableCertificateValidation) return true; return policyErrors == null; } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[ https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136036#comment-13136036 ] Jim Scott commented on LOG4NET-315: --- I did some testing today and my above suggestion will not work as I was expecting it to. By setting the callback method on ServicePointManager.ServerCertificateValidationCallback you effectively disable/enable SSL validation for the entire application. So given that is the case it would be simpler to override the need for SSL validation in your app.config or web.config This also means by previous mentioned approach is invalid. Would still be great if we could figure out a way to disable certificate validation for just the request interested in making. Here is how it is done at the application level. system.net settings !-- Allows for the SSL Certificate to be self-signed or invalid. -- servicePointManager checkCertificateName=false / /settings /system.net SmtpAppender - Add support for ignoring certificate errors -- Key: LOG4NET-315 URL: https://issues.apache.org/jira/browse/LOG4NET-315 Project: Log4net Issue Type: Improvement Components: Appenders Affects Versions: 1.2.11 Reporter: Jim Scott Priority: Minor Fix For: 1.2.12 Original Estimate: 2h Remaining Estimate: 2h As of 1.2.11 the SmtpAppender now has support for enabling smtp connections to use SSL. It is pretty common to have an SMTP server that is using a Self-Signed certificate which will fail the certificate validation. While you can override the certificate error on an application level to overcome this you might want to limit the ignoring of the certificate error just to the appender. Proposed Changes Add property that allows one to indicate they wish to ignore certificate failures. DisableCertificateValidation Add a line like this to SendBuffer method ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate); Then create a call back method like so private bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors policyErrors) { if(DisableCertificateValidation) return true; return policyErrors == null; } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[ https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136060#comment-13136060 ] Stefan Bodewig commented on LOG4NET-315: Can't the server argument of the callback be used to identify the mail server in question and only suppress validation for that? SmtpAppender - Add support for ignoring certificate errors -- Key: LOG4NET-315 URL: https://issues.apache.org/jira/browse/LOG4NET-315 Project: Log4net Issue Type: Improvement Components: Appenders Affects Versions: 1.2.11 Reporter: Jim Scott Priority: Minor Fix For: 1.2.12 Original Estimate: 2h Remaining Estimate: 2h As of 1.2.11 the SmtpAppender now has support for enabling smtp connections to use SSL. It is pretty common to have an SMTP server that is using a Self-Signed certificate which will fail the certificate validation. While you can override the certificate error on an application level to overcome this you might want to limit the ignoring of the certificate error just to the appender. Proposed Changes Add property that allows one to indicate they wish to ignore certificate failures. DisableCertificateValidation Add a line like this to SendBuffer method ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate); Then create a call back method like so private bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors policyErrors) { if(DisableCertificateValidation) return true; return policyErrors == null; } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (LOG4NET-246) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key
[ https://issues.apache.org/jira/browse/LOG4NET-246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Uri Goldstein updated LOG4NET-246: -- Comment: was deleted (was: Hello, I am away on vacation until Monday, October 10, 2011. I will not be able to read your email and respond until I get back. Thank you for your patience. Kind Regards, Uri Goldstein ) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key --- Key: LOG4NET-246 URL: https://issues.apache.org/jira/browse/LOG4NET-246 Project: Log4net Issue Type: Improvement Components: Core Affects Versions: 1.2.10 Reporter: Uri Goldstein Priority: Minor Labels: appsettings, configuration Fix For: 1.2.11 Attachments: DefaultRepositorySelector-LOG4NET-246-PatchA.patch Currently (v1.2.10) it is possible to specify a configuration file for log4net by adding a key like this in the host application's configuration appSettings section: add key=log4net.Config value=Log.config / This defaults to invoking XmlConfigurator.Configure() on the file specified (log4net/Core/DefaultRepositorySelector.cs, line 725). This means the file is not watched for changes during program run time. It would be nice if there was some way similar to the above appSettings key to specify whether log4net should watch the file or not. I might propose that a new key is introduced in this fashion: add key=log4net.Config.Watch value=true / This key would denote a bool value defaulting to false. The value would only be taken into consideration if the log4net.Config key is specified. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-246) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key
[ https://issues.apache.org/jira/browse/LOG4NET-246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136332#comment-13136332 ] Uri Goldstein commented on LOG4NET-246: --- Thanks for adding the docs Stefan. Any further action required on my part? Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key --- Key: LOG4NET-246 URL: https://issues.apache.org/jira/browse/LOG4NET-246 Project: Log4net Issue Type: Improvement Components: Core Affects Versions: 1.2.10 Reporter: Uri Goldstein Priority: Minor Labels: appsettings, configuration Fix For: 1.2.11 Attachments: DefaultRepositorySelector-LOG4NET-246-PatchA.patch Currently (v1.2.10) it is possible to specify a configuration file for log4net by adding a key like this in the host application's configuration appSettings section: add key=log4net.Config value=Log.config / This defaults to invoking XmlConfigurator.Configure() on the file specified (log4net/Core/DefaultRepositorySelector.cs, line 725). This means the file is not watched for changes during program run time. It would be nice if there was some way similar to the above appSettings key to specify whether log4net should watch the file or not. I might propose that a new key is introduced in this fashion: add key=log4net.Config.Watch value=true / This key would denote a bool value defaulting to false. The value would only be taken into consideration if the log4net.Config key is specified. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira