On Tue, 2007-10-09 at 13:53 -0700, Eric Johnson wrote: > Perhaps I missed the documentation, but here's my problem: > > For our particular use of HttpClient (version 3.1), we'd like to be able > to fetch the peer certificate chain for a particular request. > > The obvious place to start is to define our own protocol socket factory. > > Having done that, I can see perhaps caching the mapping of host to peer > certificates in the protocol socket factory. Then, after any given > request, my code can ask the protocol socket factory for the peer > certificates for the domain I just connected to. This seems more > complicated than it needs to be. I worry that this gets awkward, how do > I maintain the correctness of the cache. > > I think it would make more sense to associate the certificate chain with > the individual request. I just don't see an obvious way to do that. > > Any ideas how best to solve this? >
Hi Eric Unfortunately I have no good news for you. There is simply no elegant way of solving this problem with HttpClient 3.x. Possible workarounds differ in the degree of ugliness, but all are very ugly. HttpClient 4.0 API is significantly more flexible and powerful. It provides a reasonably elegant way of solving the problem (as well as many other inherent deficiencies of the 3.x API), but it is still an early ALPHA and is not expected to stabilize any time soon. You'll have to pick a lesser of two evils depending on your particular project circumstances and priorities. Oleg > -Eric. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
