Darran Lofthouse updated ELY-212:
---------------------------------
Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10)
Client-side SSL context configuration is subtly wrong
-----------------------------------------------------
Key: ELY-212
URL: https://issues.jboss.org/browse/ELY-212
Project: WildFly Elytron
Issue Type: Bug
Components: Authentication Client
Reporter: David Lloyd
Assignee: David Lloyd
Fix For: 1.1.0.Beta11

SSL context client-side configuration is problematic in that the SSL context is not (and
cannot be) cached. This means that we lose SSL session reuse and other benefits which may
cause problems for users.

However we also cannot just cache an SSL context on a configuration either - the client
credentials may vary on each request, causing leakage between identities.

What we need to do is have a separate SSL context client configuration mechanism, and use
the generic client context configuration to reference this SSL context client
configuration.