vince kraemer wrote:
> Hmm.
>
> I am glad to hear that Bill is trying to make --secure obsolete....
Well, just thinking about it right now...
> Since the isSecurePort method tells you that the port is secure, I
> figure he won't need to retry... why try to connect when you know that
> it will fail... He may want to go straight to making a Https connection...
isSecurePort is a pretty disgusting hack that makes a connection, sends
some data, reads the response for 4 seconds, closes the connection, and
analyzes the response. It would be gratuitous to do that before every
connection.
> That is what I am doing in the NB plugin.
>
> You may end up getting the sun.security.validator.ValidatorException
> when you try to use the connection... since the domain does not have a
> nice trusted certificate... The JVM for asadmin may trust the cert from
> domain1... The NB IDE doesn't.
ValidatorException is a different issue. I'm not clear on what, if anything,
asadmin does to handle the case where you're using a self-signed certificate
that the client doesn't know about. Maybe no one has ever tried that...