I am using MINA 1.1.7 to implement a custom service using TLS and a custom protocol. I have everything working, in that communication is encrypted; however, there doesn't seem to be any host name verification. I.e., the URL I am using to connect to the server does NOT match the CN of the certificate that the server returns, and no exception is thrown. Is there a way to enable this verification? Is this something I need to implement myself?
It looks like JSSE does not provide this functionality at the SSL level, but provides it at the HttpsURLConnection level. I guess this means I need to implement it myself, but I don't see where I can inject this verification code, since I need access to the server certificate as well as the URL. Any ideas?
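
An added example, not part of the original post and not MINA or JSSE code: a host name check against the peer certificate of an established `SSLSession`, written with plain JSSE/JNDI classes. The class name `PeerHostnameCheck` is hypothetical, it assumes DNS host names only (no IP literals), and how the `SSLSession` is obtained from MINA is not shown.

```java
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

// Hypothetical helper: call once the handshake has finished, before sending data.
public final class PeerHostnameCheck {
    private static final int SAN_DNS_NAME = 2; // GeneralName type dNSName

    /** Throws unless the server certificate in the session names expectedHost. */
    public static void verify(SSLSession session, String expectedHost)
            throws SSLPeerUnverifiedException, CertificateParsingException, InvalidNameException {
        // The first element of the peer chain is the server's own certificate.
        X509Certificate leaf = (X509Certificate) session.getPeerCertificates()[0];
        String host = expectedHost.toLowerCase(Locale.ROOT);
        boolean sawDnsSan = false;
        Collection<List<?>> sans = leaf.getSubjectAlternativeNames();
        if (sans != null) {
            for (List<?> san : sans) {
                if (((Integer) san.get(0)) == SAN_DNS_NAME) {
                    sawDnsSan = true;
                    if (matches(host, (String) san.get(1))) return;
                }
            }
        }
        if (!sawDnsSan) { // fall back to the subject CN only when no dNSName SAN exists
            for (Rdn rdn : new LdapName(leaf.getSubjectX500Principal().getName()).getRdns()) {
                if ("CN".equalsIgnoreCase(rdn.getType()) && matches(host, rdn.getValue().toString())) return;
            }
        }
        throw new SSLPeerUnverifiedException("certificate does not match host " + expectedHost);
    }

    /** Exact match, or one leftmost "*." wildcard that covers exactly one label. */
    static boolean matches(String host, String pattern) {
        String p = pattern.toLowerCase(Locale.ROOT);
        if (!p.startsWith("*.")) return p.equals(host);
        int dot = host.indexOf('.');
        // Reject wildcards such as "*.com" that have no second label after the wildcard.
        return dot > 0 && host.substring(dot).equals(p.substring(1)) && p.indexOf('.', 2) > 0;
    }
}
```

The host passed in must be the name the client intended to reach (taken from the URL), not a name derived from the connection's remote address.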
