You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2016/09/03 16:36:20 UTC
[jira] [Updated] (KNOX-733) Add support for custom truststore to
Knox shell client
[ https://issues.apache.org/jira/browse/KNOX-733?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay updated KNOX-733:
-----------------------------
Summary: Add support for custom truststore to Knox shell client (was: Knox shell client is susceptible to man-in-the-middle attack)
> Add support for custom truststore to Knox shell client
> ------------------------------------------------------
>
> Key: KNOX-733
> URL: https://issues.apache.org/jira/browse/KNOX-733
> Project: Apache Knox
> Issue Type: Bug
> Reporter: chris snow
> Assignee: chris snow
> Fix For: 0.10.0
>
>
> The Knox shell client does not verify the certificate of the server.
> One option would be to provide another method where developers can provide their own client, e.g.
> public static Hadoop login( String url, String username, String password, HttpClient client ) throws URISyntaxException { }
> https://github.com/apache/knox/blob/master/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java#L60
> I can provide a patch if you are happy with this approach.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)