openhab / openhab-addons

Add-ons for openHAB
https://www.openhab.org/
Eclipse Public License 2.0

Some bindings give ssl warnings after 3.0.1.M3 (were ok in 3.0.1.M2) #10446

Open moodyblue opened 3 years ago

moodyblue commented 3 years ago

Expected Behavior

Current Behavior

Some bindings produce these warnings in the log

2021-04-02 12:31:57.596 [WARN ] [ty.util.ssl.SslContextFactory.config] - Trusting all certificates configured for Client@7fa5f364[provider=null,keyStore=null,trustStore=null]
2021-04-02 12:31:57.598 [WARN ] [ty.util.ssl.SslContextFactory.config] - No Client EndPointIdentificationAlgorithm configured for Client@7fa5f364[provider=null,keyStore=null,trustStore=null]

Bindings known to produce such messages: Daikin, HTTP, Unifi

Bindings known to not produce such messages: Astro, MQTT, Network, OpenWeatherMap, TP-Link Smart Home, Xiaomi Mi IO

Possible Solution

Steps to Reproduce (for Bugs)

https://community.openhab.org/t/openhab-3-1-milestone-discussion/116025/81?u=moody_blue

Context

Your Environment

J-N-K commented 3 years ago

This is not a bug. Jetty prints a warning because usually trusting all certificates without verification is a bad thing. Unfortunately this is needed if you connect to servers with self-signed certificates. It could be the result of #10349.

Probably these messages should be suppressed from the log.

Mr-iX commented 3 years ago

I am having the same log messages after the update to openHAB 3.1.

openhab-bot commented 3 years ago

This issue has been mentioned on openHAB Community. There might be relevant details there:

https://community.openhab.org/t/oh3-how-to-setup-http-binding-correct/124309/2

openhab-bot commented 3 years ago

This issue has been mentioned on openHAB Community. There might be relevant details there:

https://community.openhab.org/t/openhab-3-1-release-discussion/124014/65

lsiepel commented 1 year ago

If that has to be adjusted in log4j2.xml, this issue should be moved to https://github.com/openhab/openhab-distro. @wborn?

wborn commented 1 year ago

I wouldn't suppress these messages by default as it is a serious security issue if one day all OH code is configured to always allow all certificates.

It would be better if add-ons can be configured to trust certain self-signed certificates. IIRC this is already possible with the MQTT binding. Though it would be better if you can add self-signed certificates in the system settings so it can be more easily used with every add-on.

If you know what you are doing you can reconfigure the org.eclipse.jetty.util.ssl.SslContextFactory.config logger manually.
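
The alternative raised in the last comment, trusting one specific self-signed certificate instead of all certificates, as an added example (not code from openHAB or any binding). It assumes Jetty 9.4's `jetty-util` on the classpath and a PEM file exported from the device; the class name, the `device` alias and the file argument are hypothetical.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

import org.eclipse.jetty.util.ssl.SslContextFactory;

public class PinnedSelfSignedClient {

    /** Builds a client factory that trusts only the certificate stored in pemFile. */
    static SslContextFactory.Client trustOnly(Path pemFile) throws Exception {
        Certificate cert;
        try (InputStream in = Files.newInputStream(pemFile)) {
            cert = CertificateFactory.getInstance("X.509").generateCertificate(in);
        }

        // In-memory trust store holding just the device's certificate,
        // so the JVM's default CA bundle is not consulted for this client.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("device", cert); // alias is an arbitrary label

        // No-arg constructor leaves trustAll off, unlike new SslContextFactory.Client(true).
        SslContextFactory.Client factory = new SslContextFactory.Client();
        factory.setTrustStore(trustStore);
        // Set explicitly: the names in the certificate must match the host being contacted.
        factory.setEndpointIdentificationAlgorithm("HTTPS");
        return factory;
    }

    public static void main(String[] args) throws Exception {
        // args[0]: path to the device certificate in PEM form (assumed input)
        SslContextFactory.Client factory = trustOnly(Path.of(args[0]));
        factory.start(); // builds the SSLContext; fails here if the trust store is unusable
        System.out.println("trustAll=" + factory.isTrustAll()
                + " endpointIdentification=" + factory.getEndpointIdentificationAlgorithm());
        factory.stop();
    }
}
```

With this configuration neither condition named in the two warnings holds, so the logger does not need to be silenced. Connections will fail if the device's certificate does not carry a name matching the host used in the URL, which is common for factory-generated self-signed certificates.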