Hello,
I guess it depends on the definition of "verifying session", for
example I was using the TrustStrategy to do (additional) certificate
public key info pinning:
pinnedCertTrust = new PinnedCertTrust("...=");
// this context falls back to system trust material (but first checks pinning)
-Original Message-
From: Oleg Kalnichevski [mailto:ol...@apache.org]
Sent: Monday, August 22, 2016 5:53 AM
To: HttpClient User Discussion <httpclient-users@hc.apache.org>
Subject: Re: CloseableHttpClient and custom verification of SSL session
On August 21, 2016 10:50:47 PM GMT+02:00,
On August 21, 2016 10:50:47 PM GMT+02:00, Sachin Nikumbh
wrote:
>Hi all,
>
>I am using CloseableHttpClient to support HTTPS. I need to do some
>client
>side verification after receiving the server certificate. This needs to
>happen immediately after the SSL handshake and
Hi all,
I am using CloseableHttpClient to support HTTPS. I need to do some client
side verification after receiving the server certificate. This needs to
happen immediately after the SSL handshake and before the actual data is
exchanged. Can someone please direct me in the right direction?