Description
When security-domain from server-ssl-context cannot verify X509PeerCertificateChainEvidence then server-ssl-context should rather fail then use some default for X509TrustManager in [1]. It causes that misconfiguration in security domain is masked.
Attachments
Issue Links
- is cloned by
-
ELY-1271 Elytron server-ssl-context should not use default value when referenced security-domain cannot be used
-
- Resolved
-
- is incorporated by
-
JBEAP-12265 Upgrade WildFly Elytron to 1.1.0.CR3
-
- Verified
-
