https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/scheme/SchemeSocketFactory.html
HttpContext context... SchemeRegistry registry = getSchemeRegistry(context); Scheme schm = registry.getScheme(target.getSchemeName()); SchemeSocketFactory sf = schm.getSchemeSocketFactory();
This example https://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientCustomSSL.java shows
Specifically, it's interesting to look at their default implementation of https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/HostnameVerifier.html which is the org.apache.http.conn.ssl.BrowserCompatHostnameVerifier ( extends org.apache.http.conn.ssl.AbstractVerifier implements org.apache.http.conn.ssl.X509HostnameVerifier extends javax.net.ssl.HostnameVerifier )
The extra methods added by org.apache.http.conn.ssl.X509HostnameVerifier are:
public abstract void verify(String host, SSLSocket ssl) throws IOException; public abstract void verify(String host, X509Certificate cert) throws SSLException; public abstract void verify(String host, String[] cns, String[] subjectAlts) throws SSLException;while the basic javax.net.ssl.HostnameVerifier contains only
verify(String hostname, SSLSession session)
Remember! javax.net.ssl.SSLSocketFactory is an ABSTRACT class.
For use within WebLogic, see http://docs.oracle.com/cd/E12839_01/core.1111/e10043/ohttps.htm#JISEC2046, but the property HTTPClient.defaultHostnameVerifier doesn't seem to work with Apache HTTPClient.
Also another interface exists weblogic.security.SSL.HostnameVerifier
No comments:
Post a Comment