[jira] [Updated] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[
https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Stefan Bodewig updated LOG4NET-315:
---
Fix Version/s: (was: 1.2 Maintenance Release)
1.2.12
SmtpAppender - Add support for ignoring certificate errors
--
Key: LOG4NET-315
URL: https://issues.apache.org/jira/browse/LOG4NET-315
Project: Log4net
Issue Type: Improvement
Components: Appenders
Affects Versions: 1.2.11
Reporter: Jim Scott
Priority: Minor
Fix For: 1.2.12
Original Estimate: 2h
Remaining Estimate: 2h
As of 1.2.11 the SmtpAppender now has support for enabling smtp connections
to use SSL. It is pretty common to have an SMTP server that is using a
Self-Signed certificate which will fail the certificate validation. While you
can override the certificate error on an application level to overcome this
you might want to limit the ignoring of the certificate error just to the
appender.
Proposed Changes
Add property that allows one to indicate they wish to ignore certificate
failures.
DisableCertificateValidation
Add a line like this to SendBuffer method
ServicePointManager.ServerCertificateValidationCallback += new
RemoteCertificateValidationCallback(ValidateRemoteCertificate);
Then create a call back method like so
private bool ValidateRemoteCertificate(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors policyErrors)
{
if(DisableCertificateValidation) return true;
return policyErrors == null;
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[
https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136036#comment-13136036
]
Jim Scott commented on LOG4NET-315:
---
I did some testing today and my above suggestion will not work as I was
expecting it to. By setting the callback method on
ServicePointManager.ServerCertificateValidationCallback you effectively
disable/enable SSL validation for the entire application.
So given that is the case it would be simpler to override the need for SSL
validation in your app.config or web.config
This also means by previous mentioned approach is invalid. Would still be great
if we could figure out a way to disable certificate validation for just the
request interested in making.
Here is how it is done at the application level.
system.net
settings
!-- Allows for the SSL Certificate to be self-signed or invalid. --
servicePointManager checkCertificateName=false /
/settings
/system.net
SmtpAppender - Add support for ignoring certificate errors
--
Key: LOG4NET-315
URL: https://issues.apache.org/jira/browse/LOG4NET-315
Project: Log4net
Issue Type: Improvement
Components: Appenders
Affects Versions: 1.2.11
Reporter: Jim Scott
Priority: Minor
Fix For: 1.2.12
Original Estimate: 2h
Remaining Estimate: 2h
As of 1.2.11 the SmtpAppender now has support for enabling smtp connections
to use SSL. It is pretty common to have an SMTP server that is using a
Self-Signed certificate which will fail the certificate validation. While you
can override the certificate error on an application level to overcome this
you might want to limit the ignoring of the certificate error just to the
appender.
Proposed Changes
Add property that allows one to indicate they wish to ignore certificate
failures.
DisableCertificateValidation
Add a line like this to SendBuffer method
ServicePointManager.ServerCertificateValidationCallback += new
RemoteCertificateValidationCallback(ValidateRemoteCertificate);
Then create a call back method like so
private bool ValidateRemoteCertificate(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors policyErrors)
{
if(DisableCertificateValidation) return true;
return policyErrors == null;
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-315) SmtpAppender - Add support for ignoring certificate errors
[
https://issues.apache.org/jira/browse/LOG4NET-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136060#comment-13136060
]
Stefan Bodewig commented on LOG4NET-315:
Can't the server argument of the callback be used to identify the mail server
in question and only suppress validation for that?
SmtpAppender - Add support for ignoring certificate errors
--
Key: LOG4NET-315
URL: https://issues.apache.org/jira/browse/LOG4NET-315
Project: Log4net
Issue Type: Improvement
Components: Appenders
Affects Versions: 1.2.11
Reporter: Jim Scott
Priority: Minor
Fix For: 1.2.12
Original Estimate: 2h
Remaining Estimate: 2h
As of 1.2.11 the SmtpAppender now has support for enabling smtp connections
to use SSL. It is pretty common to have an SMTP server that is using a
Self-Signed certificate which will fail the certificate validation. While you
can override the certificate error on an application level to overcome this
you might want to limit the ignoring of the certificate error just to the
appender.
Proposed Changes
Add property that allows one to indicate they wish to ignore certificate
failures.
DisableCertificateValidation
Add a line like this to SendBuffer method
ServicePointManager.ServerCertificateValidationCallback += new
RemoteCertificateValidationCallback(ValidateRemoteCertificate);
Then create a call back method like so
private bool ValidateRemoteCertificate(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors policyErrors)
{
if(DisableCertificateValidation) return true;
return policyErrors == null;
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (LOG4NET-246) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key
[ https://issues.apache.org/jira/browse/LOG4NET-246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Uri Goldstein updated LOG4NET-246: -- Comment: was deleted (was: Hello, I am away on vacation until Monday, October 10, 2011. I will not be able to read your email and respond until I get back. Thank you for your patience. Kind Regards, Uri Goldstein ) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key --- Key: LOG4NET-246 URL: https://issues.apache.org/jira/browse/LOG4NET-246 Project: Log4net Issue Type: Improvement Components: Core Affects Versions: 1.2.10 Reporter: Uri Goldstein Priority: Minor Labels: appsettings, configuration Fix For: 1.2.11 Attachments: DefaultRepositorySelector-LOG4NET-246-PatchA.patch Currently (v1.2.10) it is possible to specify a configuration file for log4net by adding a key like this in the host application's configuration appSettings section: add key=log4net.Config value=Log.config / This defaults to invoking XmlConfigurator.Configure() on the file specified (log4net/Core/DefaultRepositorySelector.cs, line 725). This means the file is not watched for changes during program run time. It would be nice if there was some way similar to the above appSettings key to specify whether log4net should watch the file or not. I might propose that a new key is introduced in this fashion: add key=log4net.Config.Watch value=true / This key would denote a bool value defaulting to false. The value would only be taken into consideration if the log4net.Config key is specified. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (LOG4NET-246) Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key
[ https://issues.apache.org/jira/browse/LOG4NET-246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13136332#comment-13136332 ] Uri Goldstein commented on LOG4NET-246: --- Thanks for adding the docs Stefan. Any further action required on my part? Make it possible to choose whether or not to watch configuration files specified using the log4net.Config appsetting key --- Key: LOG4NET-246 URL: https://issues.apache.org/jira/browse/LOG4NET-246 Project: Log4net Issue Type: Improvement Components: Core Affects Versions: 1.2.10 Reporter: Uri Goldstein Priority: Minor Labels: appsettings, configuration Fix For: 1.2.11 Attachments: DefaultRepositorySelector-LOG4NET-246-PatchA.patch Currently (v1.2.10) it is possible to specify a configuration file for log4net by adding a key like this in the host application's configuration appSettings section: add key=log4net.Config value=Log.config / This defaults to invoking XmlConfigurator.Configure() on the file specified (log4net/Core/DefaultRepositorySelector.cs, line 725). This means the file is not watched for changes during program run time. It would be nice if there was some way similar to the above appSettings key to specify whether log4net should watch the file or not. I might propose that a new key is introduced in this fashion: add key=log4net.Config.Watch value=true / This key would denote a bool value defaulting to false. The value would only be taken into consideration if the log4net.Config key is specified. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
