Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fixes #4796 makes acceptAnyCertificate work #6170

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gmethvin merged 1 commit into from
May 19, 2016
Merged

Fixes #4796 makes acceptAnyCertificate work #6170

gmethvin merged 1 commit into from
May 19, 2016

Conversation

@schmitch
Copy link
Contributor

@schmitch schmitch commented May 18, 2016

Fixes

Fixes #4796

Purpose

Actually it makes acceptAnyCertificate working

Background Context

In Play 2.4 upwards Play added a JsseSslContext and relied on Netty 4 / Asynchttpclient 2 while everything worked, the certificate handling changed and made it impossible to run under "really" loose SSL setups.

At the moment there aren't tests for this, but it will be actually hard to implement.
There is one way but since I would need to work around some things I didn't. Actually setting up a play instance with -Dhttps.port=9443 and point a ws.url to itself it will actually fail with a SSL Error so there would be a way to test, however the WS Test client doesn't rely on a typesafe config (

playframework/framework/src/play-ws/src/main/scala/play/api/test/WSTestClient.scala

Line 65 in 9a06b9a

val client = AhcWSClient(AhcWSClientConfig(maxRequestRetry = 0))(materializer)
) I would need to create a new client just for a single test. any ideas to work that out or could we ignore a test for this?

@gmethvin gmethvin closed this May 18, 2016
@gmethvin gmethvin reopened this May 18, 2016
@gmethvin gmethvin merged commit d002716 into playframework:master May 19, 2016
@gmethvin
Copy link
Member

gmethvin commented May 19, 2016

@schmitch Maybe we should add a warning when loose ssl configuration is used in production. I think this should probably go in SSLConfigParser though.

gmethvin pushed a commit that referenced this pull request May 19, 2016
@schmitch @gmethvin
Fixes #4796 disables jsse and adds a loose context for acceptAnyCerti…
97f475e 
…ficate (#6170)
@schmitch schmitch deleted the fixes-4796 branch May 19, 2016 21:28
@schmitch schmitch mentioned this pull request May 22, 2016
Merged
@mkurz mkurz added this to the 2.5.4 milestone Jun 2, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.5.4

Development

Successfully merging this pull request may close these issues.

3 participants

@schmitch @gmethvin @mkurz