You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Steve Davids (JIRA)" <ji...@apache.org> on 2014/03/16 16:24:42 UTC
[jira] [Updated] (SOLR-5868) HttpClient should be configured to use
ALLOW_ALL_HOSTNAME hostname verifier to simplify SSL setup
[ https://issues.apache.org/jira/browse/SOLR-5868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Davids updated SOLR-5868:
-------------------------------
Attachment: SOLR-5868.patch
Patch attached to work in the current form of the trunk (non HttpClientBuilder version).
> HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname verifier to simplify SSL setup
> -------------------------------------------------------------------------------------------------
>
> Key: SOLR-5868
> URL: https://issues.apache.org/jira/browse/SOLR-5868
> Project: Solr
> Issue Type: Improvement
> Affects Versions: 4.7
> Reporter: Steve Davids
> Fix For: 4.8
>
> Attachments: SOLR-5868.patch
>
>
> The default HttpClient hostname verifier is the BROWSER_COMPATIBLE_HOSTNAME_VERIFIER which verifies the hostname that is being connected to matches the hostname presented within the certificate. This is meant to protect clients that are making external requests out across the internet, but requests within the the SOLR cluster should be trusted and can be relaxed to simplify the SSL/certificate setup process.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org