Public certificates should not have to be supplied as they should be picked up from the jvm
Opened this issue · 2 comments
During #91 I was testing against a rest end point. The rest call was successful if issued with curl, but failed the ssl handshake in this connector. The reason it fails is
If we do not supply an SSLContext on this line then the public certs are picked up.
I suggest we either change the default behaviour in the absence of supplied certs to not supply an SSLContext or if there is some reason to have this SSLContext then introduce a flag use_public_certs
to toggle this behaviour.
Hi yeah, that is a good finding.
The reason why the SSL context is created regardless whether custom certs are defined or not was -> to make code simpler I guess, where "simpler" is probably subjective :)
We can:
- not to create SSL context if custom cert is not defined
- create it always but use Java's default, build in key store.
I personally would try with option 2, but Im ok with option 1 also.
@kristoffSC Links to pr that will close this issue #128