Yes, I read that piece of the tutorial, but I have a bare-bones simple client:
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet("https://www.xyz.com/...";);
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
From the tutorial, it looks like there's no easy way to adjust hostname
verification. I must get into details of socket factories and params and
sf.connectSocket() and such? It's not obvious how all these pieces fit together.
Lee
-----Original Message-----
From: Oleg Kalnichevski [mailto:[email protected]]
Sent: Sunday, May 30, 2010 1:17 PM
To: HttpClient User Discussion
Subject: Re: turn off hostname verification
On Sat, 2010-05-29 at 12:41 +0000, Lee Breisacher wrote:
> It appears that the default hostname verification in 4.1 is
> BROWSER_COMPATIBLE, whereas the default in 3.x was ALLOW_ALL. Is that correct?
>
This is correct.
> What is the easiest way for a simple 4.1 client to turn off hostname
> verification?
>
You should configure the SSLSocketFactory with
ALLOW_ALL_HOSTNAME_VERIFIER as described here:
http://hc.apache.org/httpcomponents-client-4.0.1/tutorial/html/connmgmt.html#d4e506
Hope this helps
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
