rpamu-jdev opened a new pull request, #23987: URL: https://github.com/apache/camel/pull/23987
## Description After upgrading to httpclient 5.6, `NoopHostnameVerifier` stopped working for users with self-signed certificates. The root cause is that 5.6 changed the default `HostnameVerificationPolicy` to `BOTH`, which adds a JDK built-in hostname check that runs before the configured verifier and cannot be bypassed by it. To fix this I added a `hostnameVerificationPolicy` option to `HttpComponent` and `HttpEndpoint` with three values: - `CLIENT` (default) — only the configured `x509HostnameVerifier` runs, same as pre-5.6 - `BUILTIN` — only the JDK check runs - `BOTH` — both run; `NoopHostnameVerifier` cannot bypass the JDK check Default is `CLIENT` so existing setups are not affected. ## Target - [x] I checked that the commit is targeting the correct branch (Camel 4 uses the `main` branch) ## Tracking - [x] I checked there is a [JIRA issue](https://issues.apache.org/jira/browse/CAMEL-23743) filed for the change. ## Apache Camel coding standards and style - [x] I checked that each commit in the pull request has a meaningful subject line and body. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
