You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "risdenk (via GitHub)" <gi...@apache.org> on 2023/02/23 15:03:37 UTC

[GitHub] [solr] risdenk commented on pull request #1376: SOLR-16679: Fix solr.jetty.ssl.verifyClientHostName logging

risdenk commented on PR #1376:
URL: https://github.com/apache/solr/pull/1376#issuecomment-1441942019

   > This looks good to me, but could you provide more information as to why we want a default value of null when SSL is enabled? Why is HTTPS a bad default in all cases?
   
   So ideally `HTTPS` would be set by default in all cases except when we want it disabled. The disabled case is setting it to `null`.
   
   The way that bin/solr is setup today, `solr.jetty.ssl.verifyClientHostName` is defaulted to `HTTPS` when TLS is enabled. So in a round about way the default is `HTTPS`. In order to change this, we would need to update `bin/solr`.
   
   I'll take a crack at doing that since it would make the logic much cleaner I think.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org