[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] Jetty 9.0.0.M5 issue
|
Just as a side note, you can also set the value to null if you prefer that.
Depending on how you run jetty you can do it programmatically or set it
in jetty-https.xml.
Am 1/23/13 8:53 AM, schrieb Thomas Becker:
Hi Erich,
you can simply disable it by calling:
SslContextFactory.setEndpointIdentificationAlgorithm("");
We went for the securest option by default.
Cheers,
Thomas
Am 1/22/13 11:42 PM, schrieb Erich Bremer:
In Jetty 9 - M5, SslContextFactory.java "customize" method had the
following added:
SSLParameters sslParams = sslEngine.getSSLParameters();
sslParams.setEndpointIdentificationAlgorithm(_endpointIdentificationAlgorithm);
sslEngine.setSSLParameters(sslParams);
which appears to force host verification as per:
"EndpointIdentificationAlgorithm - when set to "HTTPS" hostname
verification will be enabled"
What would be the setting to DISABLE hostname verification?
Thanks, Erich
http://www.ebremer.com
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users