Layer7 API Management

  • Private Community
 View Only

  • 1.  Disable Certificate Validation on Outbound

    Posted Nov 06, 2017 02:51 PM

    Hello,

     

    Quick question... Is there a way to disable the outbound certificate validation?  I think I remember there being a cluster-wide property for this setting.  Maybe I remembered that wrong?

     

    Thanks,

     

    Alejandro



  • 2.  Re: Disable Certificate Validation on Outbound
    Best Answer

    Broadcom Employee
    Posted Nov 06, 2017 04:15 PM

    Good afternoon. There is not a way to disable the validation but you can make it more open by trusting all certificates that were signed by trusted CAs that reside within JAVA. This can be done by setting cluster wide property "pkix.useDefaultTrustAnchors" and set it to true.

     

    Sincerely,

     

    Stephen Hughes



  • 3.  RE: Re: Disable Certificate Validation on Outbound

    Posted Aug 05, 2020 05:18 AM
    Hi Steven,
    thanks for the answer. But where can I check, what is included in the "DefaultTrustAnchors" list? And is it also possible to edit/maintain this list?
    Any further details here would be very helpful!
    Thank you!

    Ciao Stefan :)
    Original Message


  • 4.  RE: Re: Disable Certificate Validation on Outbound

    Broadcom Employee
    Posted Aug 05, 2020 07:36 PM
    Answered in thread,
    https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?MessageKey=2fd68ad7-fba0-4de0-8d6f-0d080374d15f&CommunityKey=0f580f5f-30a4-41de-a75c-e5f433325a18&tab=digestviewer#bm2fd68ad7-fba0-4de0-8d6f-0d080374d15f

    Regards,
    Mark
    Original Message