From 7b90a703b68426dafc683f623cf117eaf27235d2 Mon Sep 17 00:00:00 2001
From: Ralph Ursprung <Ralph.Ursprung@avaloq.com>
Date: Fri, 22 Nov 2024 18:59:09 +0100
Subject: [PATCH] `OpenSearchConnection`: use built-in `TrustAllStrategy`

no need to hand-roll this if there's a built-in alternative.
---
 .../ext/opensearch/database/OpenSearchConnection.java          | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/liquibase/ext/opensearch/database/OpenSearchConnection.java b/src/main/java/liquibase/ext/opensearch/database/OpenSearchConnection.java
index d005195..5c3ae13 100644
--- a/src/main/java/liquibase/ext/opensearch/database/OpenSearchConnection.java
+++ b/src/main/java/liquibase/ext/opensearch/database/OpenSearchConnection.java
@@ -13,6 +13,7 @@
 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
 import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
 import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
+import org.apache.hc.client5.http.ssl.TrustAllStrategy;
 import org.apache.hc.core5.http.HttpHost;
 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
 import org.apache.hc.core5.reactor.ssl.TlsDetails;
@@ -144,7 +145,7 @@ private void connect() {
                     try {
                         sslcontext = SSLContextBuilder
                                 .create()
-                                .loadTrustMaterial(null, (chains, authType) -> true)
+                                .loadTrustMaterial(null, new TrustAllStrategy())
                                 .build();
                     } catch (final NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
                         throw new RuntimeException(e);