]
Jan Kalina reassigned ELY-1271:
-------------------------------
Assignee: Jan Kalina (was: Darran Lofthouse)
Elytron server-ssl-context should not use default value when
referenced security-domain cannot be used
------------------------------------------------------------------------------------------------------
Key: ELY-1271
URL:
https://issues.jboss.org/browse/ELY-1271
Project: WildFly Elytron
Issue Type: Bug
Affects Versions: 1.1.0.Beta52
Reporter: Ondrej Lukas
Assignee: Jan Kalina
Priority: Critical
When {{security-domain}} from {{server-ssl-context}} cannot verify
{{X509PeerCertificateChainEvidence}} then {{server-ssl-context}} should rather fail then
use some default for {{X509TrustManager}} in [1]. It causes that misconfiguration in
security domain is masked.
[1]
https://github.com/wildfly-security/wildfly-elytron/blob/656354343e7e28fd...