tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 61394] NIO/NIO2 + OpenSSL renegotiation doesn't send list of CAs to user agent
Date Wed, 09 Aug 2017 15:27:09 GMT

--- Comment #5 from George Stanchev <> ---
I don't mean to derail the discussion but we implement a trust-all manager
thats gets injected from the connector attrobutes:

public class AnyCertX509TrustManager implements X509TrustManager {
    public void checkClientTrusted(X509Certificate[] certs, String auth) {}
    public void checkServerTrusted(X509Certificate[] certs, String auth) {}
    public X509Certificate[] getAcceptedIssuers() { return new
X509Certificate[0]; }

In case of OpenSSL setup, would the proposed approach to send the accepted
issuers as [0] sized array of certs mean "trust-all" to OpenSSL or "trust-none"

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message