-
Bug
-
Resolution: Done
-
Major
-
7.1.0.DR13
https-listener with set ssl-context
<https-listener name="https" socket-binding="https" ssl-context="serverSSLContext" verify-client="REQUIRED"/>
is not verifying client
verify-client="REQUIRED"
Request
curl https://192.168.122.196:8847/ -k
should be rejected, but isn't
$ curl https://192.168.122.196:8847/ -k
<!DOCTYPE html>
<html>
<head>
<title>JBoss EAP 7</title>
<!-- proper charset -->
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8" />
<link rel="stylesheet" type="text/css" href="eap.css" />
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body>
<div id="container" style="position: absolute; left: 0px; top: 0px; right: 0px; bottom: 0px;">
<!-- header -->
<div class="header-panel">
<div class="header-line"> </div>
<div class="header-top">
<img class="prod-title" src="images/product_title.png"/><span class="prod-version">7</span>
</div>
<div class="header-bottom"> </div>
</div>
<!-- main content -->
<div id="content">
<div class="section">
<h1>Welcome to JBoss EAP 7</h1>
<h3>Your Red Hat JBoss Enterprise Application Platform is running.</h3>
<p>
<a href="/console">Administration Console</a> |
<a href="https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/">Documentation</a> |
<a href="https://access.redhat.com/discussions">Online User Groups</a> <br/>
</p>
<sub>To replace this page simply deploy your own war with / as its context path.<br/>
To disable it, remove the "welcome-content" handler for location / in the undertow subsystem.</sub>
</div>
</div>
<div id="footer"> </div>
</div>
</body >
</html>
- is cloned by
-
-
- Closed
-
- is incorporated by
-
JBEAP-9590 Backport Latest Elytron Integration Changes PR #1534
-
- Closed
-
