I don't specifically need this from CXF, but I've recently had to deal with these issues using raw HttpClient, and I wondered what I'd have to do to configure CXF to deal with these issues.
Specifically, I have a project that can connect through SSL to either a test server or a production server. On the test server, it uses a self-signed certificate. I had to configure my HttpClient-using code to use the "EasySSLProtocolSocketFactory", a common solution for this. On the production server, we ended up having to connect to the server "under" the main server, because of network architecture issues, but that meant that the SSL cert we were getting had a context name that didn't match the server we were getting it from. We didn't want to turn off hostname verification, so I implemented a different socket factory for that scenario that can be provided with an "alternate context name" (we provide the name of the original host we were connecting to). This all works with HttpClient. If I had to, how would I implement these features with http:conduit?
