[teiid-issues] [JBoss JIRA] (TEIID-4081) SSL - server accepts any client certificate
Juraj Duráni (JIRA)
issues at jboss.org
Wed Mar 16 04:26:00 EDT 2016
Juraj Duráni created TEIID-4081:
-----------------------------------
Summary: SSL - server accepts any client certificate
Key: TEIID-4081
URL: https://issues.jboss.org/browse/TEIID-4081
Project: Teiid
Issue Type: Bug
Affects Versions: 8.12.5
Reporter: Juraj Duráni
Assignee: Steven Hawkins
Priority: Blocker
Attachments: keystore_client_expired.jks, keystore_client_root_expired.jks, keystore_client_untrusted.jks, keystore_server.jks, truststore.jks, truststore_expired.jks
In 2-way authentication mode client must provide to the server valid certificate. But Teiid accepts any certificate which client provides.
* expired
* untrusted
* signed by certificate of root CA which already expired
Teiid should reject such client's certificate and fail to establish connection.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the teiid-issues
mailing list