Re: CloseableHttpClient and custom verification of SSL session

Hello, I guess it depends on the definition of "verifying session", for example I was using the TrustStrategy to do (additional) certificate public key info pinning: pinnedCertTrust = new PinnedCertTrust("...="); // this context falls back to system trust material (but first checks pinning)

RE: CloseableHttpClient and custom verification of SSL session

-Original Message- From: Oleg Kalnichevski [mailto:ol...@apache.org] Sent: Monday, August 22, 2016 5:53 AM To: HttpClient User Discussion <httpclient-users@hc.apache.org> Subject: Re: CloseableHttpClient and custom verification of SSL session On August 21, 2016 10:50:47 PM GMT+02:00,

Re: CloseableHttpClient and custom verification of SSL session

On August 21, 2016 10:50:47 PM GMT+02:00, Sachin Nikumbh wrote: >Hi all, > >I am using CloseableHttpClient to support HTTPS. I need to do some >client >side verification after receiving the server certificate. This needs to >happen immediately after the SSL handshake and

CloseableHttpClient and custom verification of SSL session

Hi all, I am using CloseableHttpClient to support HTTPS. I need to do some client side verification after receiving the server certificate. This needs to happen immediately after the SSL handshake and before the actual data is exchanged. Can someone please direct me in the right direction?