tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 34605] New: - Ignore https chain with the ant deployment tasks
Date Mon, 25 Apr 2005 19:09:24 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34605>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34605

           Summary: Ignore https chain with the ant deployment tasks
           Product: Tomcat 5
           Version: 5.5.9
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Webapps:Manager
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: henri.dupre@gmail.com


It would be nice if the ant task could ignore the https validation chain when
deploying to a server. This can be easily done with the following code:

      SSLContext sc = SSLContext.getInstance("SSL");

      // Create empty HostnameVerifier
      HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
          System.err.println("Warning: URL Host: " + urlHostName + " vs. "
              + session.getPeerHost());
          return true;
        }

      };
      // Create a trust manager that does not validate certificate chains
      TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
          return null;
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs,
            String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs,
            String authType) {
        }
      } };

      sc.init(null, trustAllCerts, new java.security.SecureRandom());
      SSLSocketFactory sslSocketFactory = sc.getSocketFactory();

      HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
      HttpsURLConnection.setDefaultHostnameVerifier(hv);

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message