From 42077271a65c61515b43802395c0fad37a6f6e98 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 20 Dec 2024 01:54:01 +0000 Subject: [PATCH] Sync documentation of main branch --- _versions/main/guides/rest-client.adoc | 31 +++++++++++++++++++------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/_versions/main/guides/rest-client.adoc b/_versions/main/guides/rest-client.adoc index 3c2c2a2be1..cec13b5a7b 100644 --- a/_versions/main/guides/rest-client.adoc +++ b/_versions/main/guides/rest-client.adoc @@ -492,18 +492,33 @@ quarkus.rest-client.extensions-api.scope=jakarta.inject.Singleton Setting the base URL of the client is **mandatory**, however the REST Client supports per-invocation overrides of the base URL using the `@io.quarkus.rest.client.reactive.Url` annotation. ==== -=== Disabling Hostname Verification +=== Trusting all certificates and Disabling SSL hostname verification -To disable the SSL hostname verification for a specific REST client, add the following property to your configuration: +[WARNING] +==== +This properties set should not be used in production. +==== + +You can configure TLS connection of specific REST client to trust all certificates and disable the hostname verification using tls extension. +First of all, you should configure tls configuration bucket. +To trust all certificates: [source,properties] ---- -quarkus.rest-client.extensions-api.verify-host=false +quarkus.tls.tls-disabled.trust-all=true +---- + +To disable SSL hostname verification: +[source,properties] +---- +quarkus.tls.tls-disabled.hostname-verification-algorithm=NONE +---- + +Finally, lets configure our REST client with apropriate tls configuration name: +[source,properties] +---- +quarkus.rest-client.extensions-api.tls-configuration-name=tls-disabled ---- -[WARNING] -==== -This setting should not be used in production as it will disable the SSL hostname verification. -==== === HTTP/2 Support @@ -2086,7 +2101,7 @@ and limitations: - the default scope of the client for the new extension is `@ApplicationScoped` while the `quarkus-resteasy-client` defaults to `@Dependent` To change this behavior, set the `quarkus.rest-client.scope` property to the fully qualified scope name. -- it is not possible to set `HostnameVerifier` or `SSLContext` +- it is not possible to set `SSLContext` - a few things that don't make sense for a non-blocking implementations, such as setting the `ExecutorService`, don't work == Further reading