Hi everyone
We are upgrading our commons-httpclient-3.0-rc4.jar to HttpClient4.2 in our
Apps which are deployed on Websphere V7.
We have a problem getting the right SSL-Configuration from the Websphere and I
found out,
that this is because of new way the SSLSocketFactory is being created in the
HttpClient4.X
In the old commons-httpclient-3.x we get the socketfactory in
ReflectionSocketFactory.createSocket() (Oleg you did it :-))
like this: javax.net.ssl.SSLSocketFactory.getDefault()
This way we get in Websphere the right SSLSocketFactory:
com.ibm.websphere.ssl.protocol.SSLSocketFactory
(which is the default in java.security and uses WAS truststore and not java
cacerts).
With the new HttpClient4.2 this has changed, we get socketfactory from
org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory()
which return in Websphere another SSLSocketFactory
(com.ibm.jsse2.SSLSocketFactoryImpl)
I can workaround this in HttpClient4.X if I use the old way of getting the
socketFactory:
javax.net.ssl.SSLSocketFactory
wasSslFactory=(javax.net.ssl.SSLSocketFactory)
javax.net.ssl.SSLSocketFactory.getDefault();
org.apache.http.conn.ssl.SSLSocketFactory socketFactory =
new
org.apache.http.conn.ssl.SSLSocketFactory(wasSslFactory,
org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
org.apache.http.conn.scheme.Scheme sch = new
org.apache.http.conn.scheme.Scheme("https", 443, socketFactory);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(sch);
but I don't understand why the way getting socketFactory in HttpClient4.X has
changed, are there any reasons?
Oleg, can you explain this please?
Thank you
Adrian
