View Issue Details

IDProjectCategoryView StatusLast Update
0002886SymmetricDSBugpublic2017-11-06 08:13
ReportersaleemAssigned Toelong 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version3.8.7 
Target Version3.8.31Fixed in Version3.8.31 
Summary0002886: Disabling self signed certificates
DescriptionSymmetricDS is not checking the validity of certificates using the trusted store.

I have configured a server instance using SSL. The certificate that was used on the server was self-signed. I did not add the root certificate authority to the trusted keystore on clients, however, SymmetricDS clients are still connecting successfully. The 'https.allow.self.signed.certs' is set to false on the clients.
TagsNo tags attached.

Activities

saleem

2016-11-03 03:30

reporter   ~0000900

Certificate verification worked successfully after removing the modifications from the commit related to the following URL:

https://github.com/JumpMind/symmetric-ds/commit/830189c1bdf60804764651fbd2e1bd496d26228d

The modification initialises a default SSL factory for allowing self-signed certificates. This is applied without checking the property for enabling self-signed certificates. The following issue provides more details about the changes with a JAR file that can be tested:

https://www.symmetricds.org/issues/view.php?id=2861

Related Changesets

SymmetricDS: 3.8 efddacb3

2017-10-27 13:19:42

admin

Details Diff
0002886: Disabling self signed certificates
0002886
mod - symmetric-client/src/main/java/org/jumpmind/symmetric/AbstractCommandLauncher.java Diff File

Issue History

Date Modified Username Field Change
2016-11-01 10:50 saleem New Issue
2016-11-03 03:30 saleem Note Added: 0000900
2017-10-27 11:23 elong Assigned To => elong
2017-10-27 11:23 elong Status new => assigned
2017-10-27 11:24 elong Target Version => 3.8.31
2017-10-27 13:21 elong Status assigned => resolved
2017-10-27 13:21 elong Resolution open => fixed
2017-10-27 13:21 elong Fixed in Version => 3.8.31
2017-10-27 14:00 admin Changeset attached => SymmetricDS 3.8 efddacb3
2017-11-06 08:13 chenson Status resolved => closed