diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-20 13:23:19 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-20 13:23:19 +0100 |
commit | 1441bb6fe0edf5bf36ac5a3c0c070a81be9cebe1 (patch) | |
tree | 26ccddfdd4c5d8fa0f546c238d57217268eeac18 /controller-server | |
parent | 32865d72bc70ffba08806e0870880a14d4fed36f (diff) |
Disable hostname verification of client certs in hosted configserver/controller
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/tls/ControllerSslContextFactoryProvider.java | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/tls/ControllerSslContextFactoryProvider.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/tls/ControllerSslContextFactoryProvider.java index d20c86528a5..dcc61b13bab 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/tls/ControllerSslContextFactoryProvider.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/tls/ControllerSslContextFactoryProvider.java @@ -63,6 +63,7 @@ public class ControllerSslContextFactoryProvider extends AbstractComponent imple factory.setTrustStore(truststore); factory.setKeyStore(keystore); factory.setKeyStorePassword(""); + factory.setEndpointIdentificationAlgorithm(null); // disable https hostname verification of clients (must be disabled when using Athenz x509 certificates) return factory; } |