[Hawkular-dev] SSL by default
Juraci Paixão Kröhling
jpkroehling at redhat.com
Mon May 30 03:20:34 EDT 2016
On 26.05.2016 17:50, Jiri Kremser wrote:
> There is also an option not to do the certificate check at all by
> passing :verify_ssl => false. This way we get the encrypted comm channel
> and save the trouble with adding the certificates. However, it's less
> secure, because it's not guaranteed that the server side is the one who
> it claims to be.
No client should *ever* have this enabled on real code. If we need this
on the Gem or on other clients, I'd halt the task of adding self signed
certs for dev builds, as it would void real security on production boxes.
- Juca.
More information about the hawkular-dev
mailing list