You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Pawel Veselov (Jira)" <ji...@apache.org> on 2021/07/07 01:25:00 UTC

[jira] [Updated] (HTTPCORE-682) Should be possible to specify the provider for key manager/trust manager

     [ https://issues.apache.org/jira/browse/HTTPCORE-682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pawel Veselov updated HTTPCORE-682:
-----------------------------------
    Description: 
{{SSLContextBuilder}} always uses default {{getInstance()}} method to get the trust or key manager factory. Unlike {{SSLContext}} that supports having a provider explicitly specified.

Since there is no way to specify trust or key managers explicitly, the only way to make a desired trust manager load is to meddle with the security providers, which is not always desirable or possible.

So, it would be great if the SSL context builder allowed for either of:
* Use currently specified (using {{setProvider()}}) provider/provider name when loading trust/key managers
* Support specifying the provider for trust/key managers explicitly
* Support specifying trust managers or key managers explicitly


  was:
{{SSLContextBuilder}} always uses default {{getInstance()}} method to get the trust or key manager factory. Unlike {{SSLContext}} that supports having a provider explicitly specified.

Since there is no way to specify trust or key managers explicitly, the only way to make a desired trust manager load is to meddle with the security providers, which is not always desirable or possible.

So, it would be great if the SSL context builder allowed for either of:
* Use currently specified (using {{setProvider()}} provider/provider name when loading trust/key managers
* Support specifying the provider for trust/key managers explicitly
* Support specifying trust managers or key managers explicitly



> Should be possible to specify the provider for key manager/trust manager
> ------------------------------------------------------------------------
>
>                 Key: HTTPCORE-682
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-682
>             Project: HttpComponents HttpCore
>          Issue Type: Improvement
>          Components: HttpCore
>    Affects Versions: 4.4.14, 5.1
>            Reporter: Pawel Veselov
>            Priority: Major
>
> {{SSLContextBuilder}} always uses default {{getInstance()}} method to get the trust or key manager factory. Unlike {{SSLContext}} that supports having a provider explicitly specified.
> Since there is no way to specify trust or key managers explicitly, the only way to make a desired trust manager load is to meddle with the security providers, which is not always desirable or possible.
> So, it would be great if the SSL context builder allowed for either of:
> * Use currently specified (using {{setProvider()}}) provider/provider name when loading trust/key managers
> * Support specifying the provider for trust/key managers explicitly
> * Support specifying trust managers or key managers explicitly



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org