You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
AllTrustManager trusts all certificates by default. SSL is basically useless without the concept of trust.
This is an example of bad SSL implementation and can lead to a man-in-the-middle attack. See http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html for more
The text was updated successfully, but these errors were encountered:
ViPR installs with self-signed certificates so there is no concept of trust in a default install. This is provided as a convenience for default installations that did not sign certificates for use in the system. Also, the ssl factory can be overridden with a custom version which is what is recommended.
I will look to remove the trust all as a default setting for the 2.1 release.
AllTrustManager trusts all certificates by default. SSL is basically useless without the concept of trust.
This is an example of bad SSL implementation and can lead to a man-in-the-middle attack. See http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html for more
The text was updated successfully, but these errors were encountered: