raboof/pekko
1
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages Wiki Activity Actions 10

add insecure HTTPS client warning for Java

Browse source
This commit is contained in:
Roland Kuhn 2015-11-24 10:23:20 +01:00
parent ac9bcebb90
commit 401dbdee9c
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
akka-docs-dev/rst/java/http/client-side/https-support.rst
View file

@ -5,6 +5,11 @@ Client-Side HTTPS Support
Akka HTTP supports TLS encryption on the client-side as well as on the :ref:`server-side <serverSideHTTPS-java>`.
.. warning:
Akka HTTP 1.0 does not completely validate certificates when using HTTPS. Please do not treat HTTPS connections
made with this version as secure. Requests are vulnerable to a Man-In-The-Middle attack via certificate substitution.
The central vehicle for configuring encryption is the ``HttpsContext``, which can be created using
the static method ``HttpsContext.create`` which is defined like this: