livius-ungureanu
commented
4 years ago Hi @timcharper
I have fixed the versions. Can you please take a look?
Closed livius-ungureanu closed 4 years ago
livius-ungureanu
commented
4 years ago Hi @timcharper
I have fixed the versions. Can you please take a look?
The current support for op-rabbit allows to enable simple TLS only for dev/test mode(i.e. the underlying trust manager is a TrustEverythingTrustManager).
To overcome this, the op-rabbit's ConnectionParams constructor will gain at the end a new optional SSLContext with default value None. In this way, the backward compatibility is also provided.
By offering the op-rabbit client the possibility to specify its own
SSLContext, we decouple the client's specific config(i.e. the client app might have already setup it's own keystore/truststore manager and also already initialized a SSLContext based on these) from op-rabbit connection config and hence it's more flexible.The
ConnectionParamsremains backward compatible by adding aright at the end and also keeps the constructor coherent:
if ssl is true
factoryuses the clientsslContextfactoryuses the defaultSSLcontext(i.e based on the underlying TrustEverythingTrustManager)