[jira] [Commented] (NUTCH-2648) Make configurable whether TLS/SSL certificates are checked by protocol plugins

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (NUTCH-2648) Make configurable whether TLS/SSL certificates are checked by protocol plugins

JIRA jira@apache.org

    [ https://issues.apache.org/jira/browse/NUTCH-2648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16642463#comment-16642463 ]

Markus Jelsma commented on NUTCH-2648:
--------------------------------------

+1!

Although i would suggest to mention it works only for protocol-okhttp at this moment in nutch-default, so users don't have to read code to know what supports it or not.

Maybe its also an idea to add a dummy trust manager in Nutch' base code, so protocol plugins don't have to copy it, like i did with 2647, my bad!

> Make configurable whether TLS/SSL certificates are checked by protocol plugins
> ------------------------------------------------------------------------------
>
>                 Key: NUTCH-2648
>                 URL: https://issues.apache.org/jira/browse/NUTCH-2648
>             Project: Nutch
>          Issue Type: Improvement
>          Components: protocol
>    Affects Versions: 1.15
>            Reporter: Sebastian Nagel
>            Priority: Minor
>             Fix For: 1.16
>
>
> (see discussion in NUTCH-2647)
> It should be possible to enable/disable TLS/SSL certificate validation centrally for all http/https protocol plugins by a single configuration property.
> Some use cases (eg. crawl a site to detect insecure pages) may require that TLS/SSL certificates are checked. Also a broader, unrestricted web crawl may skip sites with invalid certificates as this is can be an indicator for the quality of a site.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)