Allow self-signed certificates for content-package plugin

Description

Currently the content-package Plugin only works with SSL if the Certificate is trusted.
This brings up some problems with self-signed certificates used on several testing system.s
It would be helpful to have an (optional) parameter to also allow self-signed certificates.

The code-changes would involve the getHttpClient() method and an optional parameter.

If you could provide a fitting parameter name, I'd be happy to create a pull-request for this. How about: vault.trustSelfSigned ?

Activity

Show:
Stefan Seifert
April 29, 2016, 5:39 PM

good idea.

please name it relaxedSSLCheck with property vault.relaxedSSLCheck.

another way to do it is using the "EasySslProtocolSocketFactory", not sure if it applies to our use case as well, see
http://drumcoder.co.uk/blog/2011/mar/30/httpclient-self-signed-certificates/

Alexander Muthmann
April 29, 2016, 6:26 PM

Done: https://github.com/wcm-io/wcm-io-tooling/pull/3

I intentional used the default implementation already provided by apache http client to prevent any "foreign" code here.

As the parametername is quite broad, I also disabled the hostname check for the certificate as this is usually useless for self-signed certificates.

Stefan Seifert
April 30, 2016, 12:23 AM

thanks - merged & updated changelog

Fixed

Assignee

Unassigned

Reporter

Alexander Muthmann

Labels

None

Components

Fix versions

Affects versions

Priority

Major