diff --git a/bom/application/pom.xml b/bom/application/pom.xml
index ba6824f7c91f6..ebeddaaf90206 100644
--- a/bom/application/pom.xml
+++ b/bom/application/pom.xml
@@ -121,7 +121,7 @@
1.0.1.Final
2.3.1.Final
3.5.1.Final
- 4.5.3
+ 4.5.4
4.5.14
4.4.16
4.1.5
@@ -144,7 +144,7 @@
14.0.25.Final
4.6.5.Final
3.1.5
- 4.1.106.Final
+ 4.1.107.Final
1.14.0
1.0.4
3.5.3.Final
diff --git a/docs/src/main/asciidoc/redis-reference.adoc b/docs/src/main/asciidoc/redis-reference.adoc
index a87fca831ff98..24709b8fe4c51 100644
--- a/docs/src/main/asciidoc/redis-reference.adoc
+++ b/docs/src/main/asciidoc/redis-reference.adoc
@@ -225,6 +225,8 @@ To use TLS, you need to:
1. Set the `quarkus.redis.tls.enabled=true` property
2. Make sure that your URL starts with `rediss://` (with two `s`)
+IMPORTANT: The default hostname verifier is set to `NONE`, meaning it does not verify the host name. You can change this behavior by setting the `quarkus.redis.tls.hostname-verification-algorithm` property, to `HTTPS` for example.
+
=== Configure the authentication
The Redis password can be set in the `redis://` URL or with the `quarkus.redis.password` property.
diff --git a/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/VertxRedisClientFactory.java b/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/VertxRedisClientFactory.java
index 7c89ffd7e8319..e21e438e23998 100644
--- a/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/VertxRedisClientFactory.java
+++ b/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/VertxRedisClientFactory.java
@@ -116,7 +116,14 @@ private static NetClientOptions toNetClientOptions(RedisClientConfig config) {
tcp.alpn().ifPresent(net::setUseAlpn);
tcp.applicationLayerProtocols().ifPresent(net::setApplicationLayerProtocols);
tcp.connectionTimeout().ifPresent(d -> net.setConnectTimeout((int) d.toMillis()));
- tls.hostnameVerificationAlgorithm().ifPresent(net::setHostnameVerificationAlgorithm);
+
+ String verificationAlgorithm = tls.hostnameVerificationAlgorithm();
+ if ("NONE".equalsIgnoreCase(verificationAlgorithm)) {
+ net.setHostnameVerificationAlgorithm("");
+ } else {
+ net.setHostnameVerificationAlgorithm(verificationAlgorithm);
+ }
+
tcp.idleTimeout().ifPresent(d -> net.setIdleTimeout((int) d.toSeconds()));
tcp.keepAlive().ifPresent(b -> net.setTcpKeepAlive(true));
@@ -163,8 +170,6 @@ private static NetClientOptions toNetClientOptions(RedisClientConfig config) {
tcp.quickAck().ifPresent(net::setTcpQuickAck);
tcp.writeIdleTimeout().ifPresent(d -> net.setWriteIdleTimeout((int) d.toSeconds()));
- tls.hostnameVerificationAlgorithm().ifPresent(net::setHostnameVerificationAlgorithm);
-
return net;
}
diff --git a/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/config/TlsConfig.java b/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/config/TlsConfig.java
index 44a4126b52752..e8a6c46a75e95 100644
--- a/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/config/TlsConfig.java
+++ b/extensions/redis-client/runtime/src/main/java/io/quarkus/redis/runtime/client/config/TlsConfig.java
@@ -1,7 +1,5 @@
package io.quarkus.redis.runtime.client.config;
-import java.util.Optional;
-
import io.quarkus.runtime.annotations.ConfigGroup;
import io.quarkus.vertx.core.runtime.config.JksConfiguration;
import io.quarkus.vertx.core.runtime.config.PemKeyCertConfiguration;
@@ -68,8 +66,12 @@ public interface TlsConfig {
/**
* The hostname verification algorithm to use in case the server's identity should be checked.
- * Should be HTTPS, LDAPS or an empty string.
+ * Should be {@code HTTPS}, {@code LDAPS} or an {@code NONE} (default).
+ *
+ * If set to {@code NONE}, it does not verify the hostname.
+ *
*/
- Optional hostnameVerificationAlgorithm();
+ @WithDefault("NONE")
+ String hostnameVerificationAlgorithm();
}
diff --git a/independent-projects/resteasy-reactive/pom.xml b/independent-projects/resteasy-reactive/pom.xml
index 0bf30efa4d047..7cffb0e8ee9da 100644
--- a/independent-projects/resteasy-reactive/pom.xml
+++ b/independent-projects/resteasy-reactive/pom.xml
@@ -61,7 +61,7 @@
3.2.5
2.5.7
2.3.0
- 4.5.3
+ 4.5.4
5.4.0
1.0.0.Final
2.16.1