After taking a closer look at the existing SSLSocketFactory, can I just set the setHostnameVerifier to a class that always returns true for its verify methods? That would also let me log any defective certs without disrupting the connection.
Thanks, David ----- Original Message ---- From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> To: [email protected] Sent: Tuesday, January 29, 2008 11:35:09 PM Subject: Re: Invalid SSL Certs Hi David, >_Thanks. I read it several months ago when I didn't need SSL, and then >_promptly forgot about it. I forgot to mention that I'm using client 4, but I >_think the answer would be the same. I'll probably just extend the standard >_socket factory and override connectSocket. The interfaces have changed, but the principle is the same. Please override the standard _layered_ (secure) socket factory implementation. Forgetting to implement the extra interface for layering SSL is one of the frequently embraced pitfalls. cheers, Roland --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ____________________________________________________________________________________ Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
