From 55bc6384b5214f4247ec8f50e6c66117e51274ce Mon Sep 17 00:00:00 2001
From: YYTVicky <61596169+YYTVicky@users.noreply.github.com>
Date: Sat, 29 Feb 2020 16:45:52 -0800
Subject: [PATCH] leave a note to tell user this is not secure

It would be better to warn users TRUST_ALL is not secure.
---
 .../java/org/apache/brooklyn/util/crypto/SslTrustUtils.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/common/src/main/java/org/apache/brooklyn/util/crypto/SslTrustUtils.java b/utils/common/src/main/java/org/apache/brooklyn/util/crypto/SslTrustUtils.java
index 63df86e73f..d3941372d2 100644
--- a/utils/common/src/main/java/org/apache/brooklyn/util/crypto/SslTrustUtils.java
+++ b/utils/common/src/main/java/org/apache/brooklyn/util/crypto/SslTrustUtils.java
@@ -39,7 +39,7 @@ public static <T extends URLConnection> T trustAll(T connection) {
         return connection;
     }
     
-    /** trusts all SSL certificates */
+    /** trusts all SSL certificates, it is not secure*/
     public static final TrustManager TRUST_ALL = new X509TrustManager() {
         @Override
         public X509Certificate[] getAcceptedIssuers() {