On Saturday 15 November 2008 1:56:42 am Julius Davies wrote: > Hi, > > Feel free to use the not-yet-commons-ssl hostname verifier. I have a > CLA on file (http://people.apache.org/~jim/committers.html). This > code was accepted by httpcomponents, and is part of httpclient-4.x.
Yep. Actually, several other projects have taken it already. I happened to grab it from Synapse since that's the first one Google popped up. > I've been really inactive for the last year. The httpclient > (http://hc.apache.org/) version is getting more attention. Might be > more attractive to you (split across several files): > > http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/module-client/ >src/main/java/org/apache/http/conn/ssl/ Cool. For CXF, which do you suggest is the "best" option to default in? Long term, we need to add config to make it configurable, but for the default, which do you suggest? Dan > > yours, > > Julius > > On Wed, Nov 12, 2008 at 5:26 PM, Daniel Kulp <[EMAIL PROTECTED]> wrote: > > On Wednesday 12 November 2008 2:11:22 pm wonderingWV wrote: > >> If it helps, we use JDK 5 and the problem with the > >> disableCNCheck(false) first appeared after we updated from CXF 2.0.* to > >> CXF 2.1.* > > > > I just committed some changes that install a better HostnameVerifier to > > check the certs. It would be great if you could checkout the 2.1.x > > branch, build it, and give it a whirl. I'll try and upload new > > snapshots tomorrow if doing a build is too much. > > > > Dan -- Daniel Kulp [EMAIL PROTECTED] http://dankulp.com/blog
