You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Wei-Chiu Chuang (Jira)" <ji...@apache.org> on 2019/12/03 21:08:00 UTC
[jira] [Commented] (HADOOP-16718) Allow disabling Server Name
Indication (SNI) for Jetty
[ https://issues.apache.org/jira/browse/HADOOP-16718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16987263#comment-16987263 ]
Wei-Chiu Chuang commented on HADOOP-16718:
------------------------------------------
+1
> Allow disabling Server Name Indication (SNI) for Jetty
> ------------------------------------------------------
>
> Key: HADOOP-16718
> URL: https://issues.apache.org/jira/browse/HADOOP-16718
> Project: Hadoop Common
> Issue Type: Improvement
> Affects Versions: 3.2.1
> Reporter: Siyao Meng
> Assignee: Aravindan Vijayan
> Priority: Major
> Attachments: HADOOP-16718-branch-3.2-v000.patch, HADOOP-16718-v001.patch
>
>
> As of now, {{createHttpsChannelConnector()}} enables SNI by default with Jetty:
> {code}
> private ServerConnector createHttpsChannelConnector(
> Server server, HttpConfiguration httpConfig) {
> httpConfig.setSecureScheme(HTTPS_SCHEME);
> httpConfig.addCustomizer(new SecureRequestCustomizer());
> ServerConnector conn = createHttpChannelConnector(server, httpConfig);
> {code}
> with the default constructor without any parameters automatically setting {{sniHostCheck}} to {{true}}:
> {code}
> public SecureRequestCustomizer()
> {
> this(true);
> }
> {code}
> Proposal: We should make this configurable and probably default this to false.
> Credit: Aravindan Vijayan
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org