Hi everyone (p2 & ECF)
Internally, some (many?) organizations have self-signed certs (for things like their internal build server). If you try to connect to a p2 repository using SSL with a self-signed cert it will fail [1].
Obviously the default behaviour here is fine, but what would be required if someone wanted to accept a self-signed cert? On HTTPClient 4, you can set the trust store, but I don't think the HTTP Client is accessible from outside ECF. So here are a few questions
- Does anybody know of an option (system property) that HttpClient4 will accept to disable trust checking
- Is the creation of the HttpClient object extendable such that p2 could create a different HttpClient with different TrustManager (or could this be exposed)
- If the first two options are non-starters, would it be possible to add a system property to ECF to disable trust checking (and is this a lot of work)?
What do others think? Is this a really bad idea? Are others hitting this problem too or is it just me?
Cheers,
Ian
--
R. Ian Bull | EclipseSource Victoria | +1 250 477 7484
http://eclipsesource.com |
http://twitter.com/eclipsesource