https://issues.apache.org/bugzilla/show_bug.cgi?id=55801
--- Comment #3 from Maciej Lypik <maciej.ly...@gmail.com> --- (In reply to Christopher Schultz from comment #2) > (In reply to Marek Jagielski from comment #1) > > This patch would be useful also for those who cope with self-signed > > certificates for test purposes. > > I'm just curious how this would help with self-signed certificates. What can > you not accomplish with existing APIs/configuration? If certificate is known beforehand there is no problem - it can be simply added to the trust store. My problem is that clients do not know anything about the server they are connecting to. I work in cloud environment and servers are instantiated and terminated as they are needed. Every time new server instance is created it gets new self-signed certificate. The only thing client knows about server is its IP address. Ability to temporarily ignore certificates would solve this problem for me. Additionally, even if trust store solves problem for most cases, some people prefer to ignore certificates. I think it's fairly common practice in HTTPS clients. I remember doing so myself in Jersey Client API. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
