You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2020/09/09 16:10:00 UTC
[jira] [Created] (DIRSERVER-2328) CreateAuthenticator annotation
trust manager improvements
Colm O hEigeartaigh created DIRSERVER-2328:
----------------------------------------------
Summary: CreateAuthenticator annotation trust manager improvements
Key: DIRSERVER-2328
URL: https://issues.apache.org/jira/browse/DIRSERVER-2328
Project: Directory ApacheDS
Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 2.0.0.AM27
There are two problems with the CreateAuthenticator annotation trust manager configuration:
# delegateSslTrustManagerFQCN + delegateTlsTrustManagerFQCN default to NoVerificationTrustManager, which is not secure.
# These values are not plugged through to the DelegatingAuthenticator, which hard-codes NoVerificationTrustManager.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org