View Issue Details

IDProjectCategoryView StatusLast Update
0002886SymmetricDSBugpublic2017-11-06 08:13
ReportersaleemAssigned Toelong 
Status closedResolutionfixed 
Product Version3.8.7 
Target Version3.8.31Fixed in Version3.8.31 
Summary0002886: Disabling self signed certificates
DescriptionSymmetricDS is not checking the validity of certificates using the trusted store.

I have configured a server instance using SSL. The certificate that was used on the server was self-signed. I did not add the root certificate authority to the trusted keystore on clients, however, SymmetricDS clients are still connecting successfully. The 'https.allow.self.signed.certs' is set to false on the clients.



2016-11-03 03:30

reporter   ~0000900

Certificate verification worked successfully after removing the modifications from the commit related to the following URL:

The modification initialises a default SSL factory for allowing self-signed certificates. This is applied without checking the property for enabling self-signed certificates. The following issue provides more details about the changes with a JAR file that can be tested:

Related Changesets

SymmetricDS: 3.8 efddacb3

2017-10-27 13:19:42


Details Diff
0002886: Disabling self signed certificates
mod - symmetric-client/src/main/java/org/jumpmind/symmetric/ Diff File

Issue History

Date Modified Username Field Change
2016-11-01 10:50 saleem New Issue
2016-11-03 03:30 saleem Note Added: 0000900
2017-10-27 11:23 elong Assigned To => elong
2017-10-27 11:23 elong Status new => assigned
2017-10-27 11:24 elong Target Version => 3.8.31
2017-10-27 13:21 elong Status assigned => resolved
2017-10-27 13:21 elong Resolution open => fixed
2017-10-27 13:21 elong Fixed in Version => 3.8.31
2017-10-27 14:00 admin Changeset attached => SymmetricDS 3.8 efddacb3
2017-11-06 08:13 chenson Status resolved => closed