KEYCLOAK-14887 Outgoing HTTPS request truststore documentation reads 'disabled' but actual parameter is 'enabled'

This commit is contained in:
mposolda 2020-07-28 11:04:45 +02:00 committed by Marek Posolda
parent 7c7e862967
commit a1d84dc180

View file

@ -169,7 +169,7 @@ You can add your truststore configuration by using the following template:
<property name="file" value="path to your .jks file containing public certificates"/> <property name="file" value="path to your .jks file containing public certificates"/>
<property name="password" value="password"/> <property name="password" value="password"/>
<property name="hostname-verification-policy" value="WILDCARD"/> <property name="hostname-verification-policy" value="WILDCARD"/>
<property name="disabled" value="false"/> <property name="enabled" value="true"/>
</properties> </properties>
</provider> </provider>
</spi> </spi>
@ -184,11 +184,11 @@ file::
This is what the trustore does. This is what the trustore does.
The keystore contains one or more trusted host certificates or certificate authorities. The keystore contains one or more trusted host certificates or certificate authorities.
This truststore file should only contain public certificates of your secured hosts. This truststore file should only contain public certificates of your secured hosts.
This is _REQUIRED_ if `disabled` is not true. This is _REQUIRED_ if `enabled` is true.
password:: password::
Password for the truststore. Password for the truststore.
This is _REQUIRED_ if `disabled` is not true. This is _REQUIRED_ if `enabled` is true.
hostname-verification-policy:: hostname-verification-policy::
`WILDCARD` by default. `WILDCARD` by default.
@ -196,7 +196,7 @@ hostname-verification-policy::
`ANY` means that the hostname is not verified. `WILDCARD` Allows wildcards in subdomain names i.e. `ANY` means that the hostname is not verified. `WILDCARD` Allows wildcards in subdomain names i.e.
*.foo.com. `STRICT` CN must match hostname exactly. *.foo.com. `STRICT` CN must match hostname exactly.
disabled:: enabled::
If true (default value), truststore configuration will be ignored, and certificate checking will fall back to JSSE configuration as described. If false (default value), truststore configuration will be ignored, and certificate checking will fall back to JSSE configuration as described.
If set to false, you must configure `file`, and `password` for the truststore. If set to true, you must configure `file`, and `password` for the truststore.