|Re: [jgit-dev] Disabling SSL Verification / Using Self-Signed Certs|
+1 for the fix. I haven't built jgit in my local machine, will do it asap and try your fix.On Mon, Mar 4, 2013 at 2:40 AM, Matthias Sohn <matthias.sohn@xxxxxxxxx> wrote:
Improvements to self-signed https handling is something Gitblit is
interested in as well.
Namely, AFAIK, JGit still performs hostname verification of the
self-signed certificate regardless of http.sslVerify=false. ÂSo if I
sign for localhost and then serve on 10.0.1.5 JGit will fail to
push/pull to 10.0.1.5 because the serving hostname does not match the
This behavior is inconsistent with CGit where http.sslVerify will ignore
hostname verification failure. ÂJGit needs a DummyHostnameVerifier class
just like it has the DummyX509TrustManager.
When JGit encounters this scenario it will fail with:
https://184.108.40.206:8443/git/xyzrepo1.git: cannot open
pushed fix for review https://git.eclipse.org/r/#/c/10809/Give it a try and let us know if this solves your problem.--MatthiasÂ
Thanks and Regards,