PingGateway 2024.11

TrustAllManager

Blindly trusts all server certificates presented the servers for protected applications. It can be used instead of a TrustManager (deprecated) in test environments to trust server certificates that were not signed by a well-known CA, such as self-signed certificates.

The TrustAllManager isn’t safe for production use. Use a properly configured TrustManager (deprecated) instead.

Usage

{
    "name": string,
    "type": "TrustAllManager"
}

Example

The following example configures a handler that blindly trusts server certificates and doesn’t verify hostnames when PingGateway connects to servers over HTTPS:

{
    "name": "BlindTrustReverseProxyHandler",
    "type": "ReverseProxyHandler",
    "config": {
        "tls": {
            "type": "ClientTlsOptions",
            "config": {
                "trustManager": {
                    "type": "TrustAllManager"
                },
                "hostnameVerifier": "ALLOW_ALL"
            }
        }
    }
}
Copyright © 2010-2024 ForgeRock, all rights reserved.