Hi Eric, I've just started running into this problem as well and have been trying to work out how to implement your suggestions with no luck. The step I'm having troubles with is the"and use the socket factory instead of the calls to SSLSocketFactory.getDefault()".
My problem is that currently I don't have an alternate SSLSocketFactory to use - any hints on where one is available from that doesn't barf on untrusted certs or links to info on how to implement one? It sounds like a rather difficult task to me, but the client is paying us lots of money so I'm inclined to work on it. :) I haven't been able to turn up your original posts on the commons-dev list so if there is more useful information there, a couple of key words to search for would be useful in helping me find it. Thanks in advance, Adrian Sutton Software Engineer Ephox Corporation. ----- Original Message ----- From: "Eric Johnson" <[EMAIL PROTECTED]> To: "Commons HttpClient Project" <[EMAIL PROTECTED]> Sent: Thursday, February 20, 2003 4:38 AM Subject: Re: Problem with SSL Certificate > Hi, > > I brought this up on the commons dev thread and forgot > to post the idea here. > > You'll need to write your own implementation of the > SecureProtocolSocketFactory to replace the > SSLProtocolSocketFactory implementation. Add a > socketFactory argument to the constructor of this > class and use the socket factory instead of the calls > to SSLSocketFactory.getDefault() used in > SSLProtocolSocketFactory. > > I think this idea ought to replace > SSLProtocolSocketFactory FWIW. I just hadn't had time > to send it in or type up the code for it yet. > > Eric Johnson (not the one that regularly contributes, > but one that might like to in the near future.) > > :) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
