davsclaus commented on code in PR #1636:
URL:
https://github.com/apache/camel-spring-boot/pull/1636#discussion_r2732165198
##########
core/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLAutoConfiguration.java:
##########
@@ -226,6 +226,20 @@ public SSLContextBuilder
trustManager(TrustManagersParameters trustManager) {
return this;
}
+ public SSLContextBuilder trustAllCertificates(boolean
trustAllCertificates) {
+ if (trustAllCertificates) {
+ TrustManagersParameters tmp =
sslContextParameters.getTrustManagers();
+ if (tmp == null) {
+ tmp = new TrustManagersParameters();
+ sslContextParameters.setTrustManagers(tmp);
+ }
+ tmp.setTrustManager(TrustAllTrustManager.INSTANCE);
+ LOG.warn(
+ "Trust all certifications enabled. Using this in
production can expose the application to man-in-the-middle attacks");
Review Comment:
Thanks I fixed this in core as well
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
