Alon Bar-Lev has posted comments on this change. Change subject: core: remove commons httpclient from provider proxy ......................................................................
Patch Set 14: (1 comment) http://gerrit.ovirt.org/#/c/33458/14/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/provider/BaseProviderProxy.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/provider/BaseProviderProxy.java: Line 75 Line 76 Line 77 Line 78 Line 79 > see previous comments on this. now I understand! you want to trust a host... this is not the way to go. you need to connect to host without chain validation, then extract the chain out of the SSLContext. see HttpsURLConnection::getServerCertificates(), and remove the end certificate. probably you need to build the chain as well[1] to complete up to root. what does this query return exactly? [1] http://www.nakov.com/blog/2009/12/01/x509-certificate-validation-in-java-build-and-verify-chain-and-verify-clr-with-bouncy-castle/ -- To view, visit http://gerrit.ovirt.org/33458 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I727d34c33f357b93560d4b5a1784b3733b7fa293 Gerrit-PatchSet: 14 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Moti Asayag <masa...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
