The current support for op-rabbit allows to enable simple TLS only for dev/test mode(i.e. the underlying trust manager is a TrustEverythingTrustManager).
To overcome this, the op-rabbit's ConnectionParams constructor will gain at the end a new optional SSLContext with default value None. In this way, the backward compatibility is also provided.
By offering the op-rabbit client the possibility to specify its own SSLContext, we decouple the client's specific config(i.e. the client app might have already setup it's own keystore/truststore manager and also already initialized a SSLContext based on these) from op-rabbit connection config and hence it's more flexible.
The ConnectionParams remains backward compatible by adding a
sslContextOpt: Option[SSLContext] = None
right at the end and also keeps the constructor coherent:
if ssl is true
if sslContextOpt is Some(sslContext) then the factory uses the client sslContext
otherwise, factory uses the default SSLcontext (i.e based on the underlying TrustEverythingTrustManager)
The current support for op-rabbit allows to enable simple TLS only for dev/test mode(i.e. the underlying trust manager is a TrustEverythingTrustManager).
To overcome this, the op-rabbit's ConnectionParams constructor will gain at the end a new optional SSLContext with default value None. In this way, the backward compatibility is also provided.
By offering the op-rabbit client the possibility to specify its own
SSLContext
, we decouple the client's specific config(i.e. the client app might have already setup it's own keystore/truststore manager and also already initialized a SSLContext based on these) from op-rabbit connection config and hence it's more flexible.The
ConnectionParams
remains backward compatible by adding aright at the end and also keeps the constructor coherent:
if ssl is true
factory
uses the clientsslContext
factory
uses the defaultSSLcontext
(i.e based on the underlying TrustEverythingTrustManager)