View Issue Details

IDProjectCategoryView StatusLast Update
0002886SymmetricDSBugpublic2017-11-06 08:13
ReportersaleemAssigned Toelong 
Status closedResolutionfixed 
Product Version3.8.7 
Target Version3.8.31Fixed in Version3.8.31 
Summary0002886: Disabling self signed certificates
DescriptionSymmetricDS is not checking the validity of certificates using the trusted store.

I have configured a server instance using SSL. The certificate that was used on the server was self-signed. I did not add the root certificate authority to the trusted keystore on clients, however, SymmetricDS clients are still connecting successfully. The 'https.allow.self.signed.certs' is set to false on the clients.
TagsNo tags attached.



2016-11-03 03:30

reporter   ~0000900

Certificate verification worked successfully after removing the modifications from the commit related to the following URL:

The modification initialises a default SSL factory for allowing self-signed certificates. This is applied without checking the property for enabling self-signed certificates. The following issue provides more details about the changes with a JAR file that can be tested:

Related Changesets

SymmetricDS: 3.8 efddacb3

2017-10-27 13:19:42


Details Diff
0002886: Disabling self signed certificates
mod - symmetric-client/src/main/java/org/jumpmind/symmetric/ Diff File

Issue History

Date Modified Username Field Change
2016-11-01 10:50 saleem New Issue
2016-11-03 03:30 saleem Note Added: 0000900
2017-10-27 11:23 elong Assigned To => elong
2017-10-27 11:23 elong Status new => assigned
2017-10-27 11:24 elong Target Version => 3.8.31
2017-10-27 13:21 elong Status assigned => resolved
2017-10-27 13:21 elong Resolution open => fixed
2017-10-27 13:21 elong Fixed in Version => 3.8.31
2017-10-27 14:00 admin Changeset attached => SymmetricDS 3.8 efddacb3
2017-11-06 08:13 chenson Status resolved => closed