[
https://issues.apache.org/jira/browse/DIRAPI-69?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17127202#comment-17127202
]
Daniel Fisher commented on DIRAPI-69:
-------------------------------------
Your code will work and I've used similar implementations in the past. However,
I believe it would be an improve to use the hostname in the SSLSession.
See
[https://github.com/vt-middleware/ldaptive/blob/master/core/src/main/java/org/ldaptive/ssl/X509ExtendedTrustManagerWrapper.java]
and
[https://github.com/vt-middleware/ldaptive/blob/master/core/src/main/java/org/ldaptive/ssl/HostnameResolver.java]
> API does not allow StartTLS hostname verification
> -------------------------------------------------
>
> Key: DIRAPI-69
> URL: https://issues.apache.org/jira/browse/DIRAPI-69
> Project: Directory Client API
> Issue Type: Improvement
> Affects Versions: 1.0.0-M9
> Reporter: Daniel Fisher
> Assignee: Pierre-Arnaud Marcelot
> Priority: Major
> Fix For: 3.0.0
>
>
> The current API does not have any features for controlling hostname
> verification. In addition, it appears that *no* hostname verification occurs
> by default. See RFC 2830 section 3.6
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
