Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 2.6.0-rc1
Component/s: Security
Labels:
- 26qa

Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

The warning we have currently is not enough:

2014-03-07T12:49:45.742-0500 warning: No SSL certificate validation can be performed since no CA file has been provided; please specify an sslCAFile parameter

Users should have to additionally specify --sslAllowInvalidCertificates in order to start the server when:

SSL is enabled in any way
No certificate has been provided via --sslCAFile

It is extremely easy to not see the warning and assume that certificate validation is occurring.

Assignee:: Andreas Nilsson (Inactive)
Reporter:: Tyler Brock (Inactive)
Participants:: Andreas Nilsson, Andy Schwerin, Eric Milkie, Tyler Brock
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Mar 07 2014 06:21:11 PM UTC
Updated:: May 05 2014 07:18:05 PM UTC
Resolved:: Mar 13 2014 03:09:57 PM UTC