Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-5960

ssl_verify_hostname should default to true rather than false

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.29
    • Component/s: JMS AMQP 0-x
    • Labels:
      None

      Description

      The Java Client's connection url option ssl_verify_hostname has traditionally defaulted to false meaning that during the SSL negotiation the Java client ignores hostname errors. This is weak: by default the client should validate the hostname. If users should be forced to turn host name verification off if desired.

      I believe this will also bring the behaviour of the Java client in line with the CPP client (QPID-5841)

        Attachments

          Activity

            People

            • Assignee:
              kwall Keith Wall
              Reporter:
              kwall Keith Wall
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: