Added documentation on trusting SSL hosts and verifying server identi…

…ty (bbottema/simple-java-mail#222)
simple-java-mail · Oct 12, 2019 · 499eae4 · 499eae4
1 parent ffe84fe
commit 499eae4
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 12 deletions.
diff --git a/dist/configuration.html b/dist/configuration.html
@@ -371,16 +371,23 @@ <h3>Programmatic API - other settings</h3>
 mailer.getSession().getProperties().setProperty("mail.smtp.sendpartial", true);
 </code></pre>
 <pre><code class="small">
+/* Regarding the following config on trusting hosts,
+    the Javadoc has more detailed info (in the mailer builder api). */
 // trust all hosts for SSL connections
 currentMailerBuilder.trustingAllHosts(true);
-// don't validate keys thus not verifying server hosts
-currentMailerBuilder.verifyingServerIdentity(false);
-</code></pre>
-<pre><code class="small">
-// white list hosts for SSL connections (identity key validation notwithstanding)
+// or white list hosts for SSL connections (identity key validation notwithstanding)
 currentMailerBuilder.trustingSSLHosts("a", "b", "c", ...);
-// or clearing them
+
+// or clearing these options
 currentMailerBuilder.clearTrustedSSLHosts();
+currentMailerBuilder.resetTrustingAllHosts();
+</code></pre>
+<pre><code class="small">
+/* Regarding the following config on identifying hosts,
+    the Javadoc has more detailed info (in the mailer builder api). */
+// don't validate keys thus not verifying server hosts
+currentMailerBuilder.verifyingServerIdentity(false);
+currentMailerBuilder.resetVerifyingServerIdentity();
 </code></pre>
 <pre><code class="small">// change the pool size (default 10) for concurrent threads, each sending an email
 currentMailerBuilder.withThreadPoolSize(3);
@@ -475,6 +482,10 @@ <h3>Available properties</h3>
 simplejavamail.defaults.connectionpool.claimtimeout.millis=10000
 simplejavamail.defaults.connectionpool.expireafter.millis=5000
 simplejavamail.defaults.sessiontimeoutmillis=60000
+simplejavamail.defaults.trustallhosts=false
+# following property is ignored when trustallhosts is true:
+simplejavamail.defaults.trustedhosts=192.168.1.122;mymailserver.com;ix55432y
+simplejavamail.defaults.verifyserveridentity=true
 simplejavamail.transport.mode.logging.only=true
 simplejavamail.opportunistic.tls=false
 simplejavamail.smime.signing.keystore=my_keystore.pkcs12

diff --git a/src/pages/configuration.hbs b/src/pages/configuration.hbs
@@ -313,16 +313,23 @@ currentMailerBuilder.withProperty("mail.smtp.sendpartial", true);
 mailer.getSession().getProperties().setProperty("mail.smtp.sendpartial", true);
 </code></pre>
 <pre><code class="small">
+/* Regarding the following config on trusting hosts,
+    the Javadoc has more detailed info (in the mailer builder api). */
 // trust all hosts for SSL connections
 currentMailerBuilder.trustingAllHosts(true);
-// don't validate keys thus not verifying server hosts
-currentMailerBuilder.verifyingServerIdentity(false);
-</code></pre>
-<pre><code class="small">
-// white list hosts for SSL connections (identity key validation notwithstanding)
+// or white list hosts for SSL connections (identity key validation notwithstanding)
 currentMailerBuilder.trustingSSLHosts("a", "b", "c", ...);
-// or clearing them
+
+// or clearing these options
 currentMailerBuilder.clearTrustedSSLHosts();
+currentMailerBuilder.resetTrustingAllHosts();
+</code></pre>
+<pre><code class="small">
+/* Regarding the following config on identifying hosts,
+    the Javadoc has more detailed info (in the mailer builder api). */
+// don't validate keys thus not verifying server hosts
+currentMailerBuilder.verifyingServerIdentity(false);
+currentMailerBuilder.resetVerifyingServerIdentity();
 </code></pre>
 <pre><code class="small">// change the pool size (default 10) for concurrent threads, each sending an email
 currentMailerBuilder.withThreadPoolSize(3);
@@ -417,6 +424,10 @@ simplejavamail.defaults.connectionpool.maxsize=4
 simplejavamail.defaults.connectionpool.claimtimeout.millis=10000
 simplejavamail.defaults.connectionpool.expireafter.millis=5000
 simplejavamail.defaults.sessiontimeoutmillis=60000
+simplejavamail.defaults.trustallhosts=false
+# following property is ignored when trustallhosts is true:
+simplejavamail.defaults.trustedhosts=192.168.1.122;mymailserver.com;ix55432y
+simplejavamail.defaults.verifyserveridentity=true
 simplejavamail.transport.mode.logging.only=true
 simplejavamail.opportunistic.tls=false
 simplejavamail.smime.signing.keystore=my_keystore.pkcs12