[prev in list] [next in list] [prev in thread] [next in thread]
List: httpclient-commons-dev
Subject: [jira] [Commented] (HTTPCORE-682) Should be possible to specify the provider for key manager/trust m
From: "Pawel Veselov (Jira)" <jira () apache ! org>
Date: 2021-07-07 17:13:00
Message-ID: JIRA.13388054.1625621001000.706075.1625677980326 () Atlassian ! JIRA
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/HTTPCORE-682?page=com.atlassian.jira.plugi \
n.system.issuetabpanels:comment-tabpanel&focusedCommentId=17376722#comment-17376722 ] \
Pawel Veselov commented on HTTPCORE-682:
----------------------------------------
[~olegk] Yes, unfortunately, that provider is only used to create the SSL context, \
but not the trust/key manager factories. The stores also can be loaded using a custom \
provider, but at least that can be done outside of SSL context builder, and provided \
directly using the corresponding overloaded method. I've created \
https://github.com/apache/httpcomponents-core/pull/295
> Should be possible to specify the provider for key manager/trust manager
> ------------------------------------------------------------------------
>
> Key: HTTPCORE-682
> URL: https://issues.apache.org/jira/browse/HTTPCORE-682
> Project: HttpComponents HttpCore
> Issue Type: Improvement
> Components: HttpCore
> Affects Versions: 4.4.14, 5.1
> Reporter: Pawel Veselov
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> {{SSLContextBuilder}} always uses default {{getInstance()}} method to get the trust \
> or key manager factory. Unlike {{SSLContext}} that supports having a provider \
> explicitly specified. Since there is no way to specify trust or key managers \
> explicitly, the only way to make a desired trust manager load is to meddle with the \
> security providers, which is not always desirable or possible. So, it would be \
> great if the SSL context builder allowed for either of:
> * Use currently specified (using {{setProvider()}}) provider/provider name when \
> loading trust/key managers
> * Support specifying the provider for trust/key managers explicitly
> * Support specifying trust managers or key managers explicitly
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic