Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 329850

Summary: Provide support for handling untrusted SSL connections
Product: [Eclipse Project] Equinox Reporter: Yen Lu <yenlu>
Component: SecurityAssignee: Security Inbox <equinox.security-inbox>
Status: ASSIGNED --- QA Contact:
Severity: enhancement    
Priority: P3 CC: john.arthorne, pascal
Version: 3.6.1   
Target Milestone: ---   
Hardware: PC   
OS: All   
Whiteboard:
Bug Depends on: 231204    
Bug Blocks: 215929    

Description Yen Lu CLA 2010-11-09 15:18:34 EST 
Build Identifier: Eclipse 3.6

When a browser is used to open an SSL connection that requires a certificate, the user is prompted to trust the server and import a certificate if necessary. For a plugin to do the same, it would have to do all of the same work using perhaps JSSE along the way. Since many plugins may make SSL connections, it would be more efficient if this could be done at a lower level.

Reproducible: Always
Comment 1 John Arthorne CLA 2010-11-09 17:31:14 EST 

*** This bug has been marked as a duplicate of bug 215929 ***
Comment 2 John Arthorne CLA 2010-11-12 10:41:48 EST 
I am reopening this to capture the more general problem of untrusted SSL connections. The bug 215929 addresses the specific case of handling this in our provisioning infrastructure (p2).

Here is roughly how I see this working:

1) Client invokes Eclipse Communication Framework (ECF) API to perform network transfer
2) ECF consults both JRE and Equinox TrustEngine to determine trusted certificates
2) If certificate is not trusted, ECF throws SSLHandshakeException
3) Client catches the exception, prompts the user to confirm trust
4) Client persists trust via the Equinox TrustEngine API
5) Client repeats ECF network transfer, which locates the certificate in the trust engine and proceeds successfully.

The wiring of ECF to TrustEngine is already in place (bug 224196). What is missing is a writeable trust engine (bug 231204), and code to perform the user prompting. Some API could be provided to perform that part (likely in org.eclipse.equinox.security.ui). The certificate dialog created for p2 could be used here. Since the user promting is the only missing piece here, I'm moving this to Equinox Security.
Comment 3 Pascal Rapicault CLA 2010-11-15 06:21:32 EST 
While we are at it, we should also review what happens when eclipse is running headless.
Comment 4 Eclipse Webmaster CLA 2019-09-06 15:30:02 EDT 
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet.

If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant.