You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by mi...@apache.org on 2020/03/30 09:14:49 UTC

[maven-wagon] branch master updated: [WAGON-585] maven.wagon.http.ssl features documentation is incomplete

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-wagon.git


The following commit(s) were added to refs/heads/master by this push:
     new 7a743bf  [WAGON-585] maven.wagon.http.ssl features documentation is incomplete
7a743bf is described below

commit 7a743bfc93e58b0ef37601c7d05506b8d8e1b7d9
Author: Alexander Kiselyov <al...@gmail.com>
AuthorDate: Sun Mar 29 02:53:53 2020 +0200

    [WAGON-585] maven.wagon.http.ssl features documentation is incomplete
    
    This closes #64
---
 wagon-providers/wagon-http/src/site/apt/index.apt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/wagon-providers/wagon-http/src/site/apt/index.apt b/wagon-providers/wagon-http/src/site/apt/index.apt
index e05e3bf..1c9f864 100644
--- a/wagon-providers/wagon-http/src/site/apt/index.apt
+++ b/wagon-providers/wagon-http/src/site/apt/index.apt
@@ -50,11 +50,11 @@ Features
 
  Other features can be configured through system properties:
 
- * <<<maven.wagon.http.ssl.insecure>>> = true/false (default false), enable/disable use of relaxed ssl check for user generated certificates.
+ * <<<maven.wagon.http.ssl.insecure>>> = <<<true>>>/<<<false>>> (<<<false>>> by default), enable/disable relaxed check of public key certificates (e.g. self-signed ones). Relaxed check means that any chain with 1 or more certificates will be considered valid if all the certificate dates in the chain are valid (dates check can be overridden as well - see below). Setting it to <<<true>>> also enables usage of the following properties:
 
- * <<<maven.wagon.http.ssl.allowall>>> = true/false (default false), enable/disable match of the server's X.509 certificate with hostname. If disabled, a browser like check will be used.
+    * <<<maven.wagon.http.ssl.allowall>>> = <<<true>>>/<<<false>>> (<<<false>>> by default), whether to match the server's X.509 certificate against a requested IP/DNS name. If <<<false>>>/unset, a regular server check will be used, which means that the server's IP/DNS must match either the first CN, the Subject field or one of the Subject Alternative Name extension values (in case Subject or SAN type is either <<<dNSName>>> or <<<iPAddress>>> - see {{{https://tools.ietf.org/html/rfc5280 [...]
 
- * <<<maven.wagon.http.ssl.ignore.validity.dates>>> = true/false (default false), ignore issues with certificate dates.
+    * <<<maven.wagon.http.ssl.ignore.validity.dates>>> = <<<true>>>/<<<false>>> (<<<false>>> by default), whether to ignore issues with certificate dates (i.e. when a certificate is expired or not yet valid).
 
  * <<<maven.wagon.rto>>> = time in ms (default 1800000), read time out.