Skip to content

Wrapping plain trust manager silently disables hostname verification#16868

Merged
chrisvest merged 1 commit into
4.1from
tm41
Jun 1, 2026
Merged

Wrapping plain trust manager silently disables hostname verification#16868
chrisvest merged 1 commit into
4.1from
tm41

Conversation

@normanmaurer

Copy link
Copy Markdown
Member

Motivation:

We need to ensure we don't wrap X509TrustManager into X509ExtendedTrustManager as this will silently disable hostname verification

Modifications:

  • Remove wrapping code
  • Change InsecureTrustManagerFactory to disable verification

Result:

Correctly leaverage hostname verifications that is provided by the JDK internally.

Motivation:

We need to ensure we don't wrap X509TrustManager into X509ExtendedTrustManager as this will silently disable hostname verification

Modifications:

- Remove wrapping code
- Change InsecureTrustManagerFactory to disable verification

Result:

Correctly leaverage hostname verifications that is provided by the JDK internally.
@chrisvest chrisvest added this to the 4.1.135.Final milestone Jun 1, 2026
@chrisvest chrisvest merged commit 09e72c4 into 4.1 Jun 1, 2026
18 checks passed
@chrisvest chrisvest deleted the tm41 branch June 1, 2026 21:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants