lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Miller (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SOLR-5868) HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname verifier to simplify SSL setup
Date Fri, 21 Mar 2014 14:58:43 GMT

    [ https://issues.apache.org/jira/browse/SOLR-5868?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13943117#comment-13943117
] 

Mark Miller commented on SOLR-5868:
-----------------------------------

Any comments on this [~elyograg]?

> HttpClient should be configured to use ALLOW_ALL_HOSTNAME hostname verifier to simplify
SSL setup
> -------------------------------------------------------------------------------------------------
>
>                 Key: SOLR-5868
>                 URL: https://issues.apache.org/jira/browse/SOLR-5868
>             Project: Solr
>          Issue Type: Improvement
>    Affects Versions: 4.7
>            Reporter: Steve Davids
>            Assignee: Mark Miller
>             Fix For: 4.8, 5.0, 4.7.1
>
>         Attachments: SOLR-5868.patch, SOLR-5868.patch
>
>
> The default HttpClient hostname verifier is the BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
which verifies the hostname that is being connected to matches the hostname presented within
the certificate. This is meant to protect clients that are making external requests out across
the internet, but requests within the the SOLR cluster should be trusted and can be relaxed
to simplify the SSL/certificate setup process.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message