[
https://issues.apache.org/jira/browse/CXF-8415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17273265#comment-17273265
]
Andriy Redko commented on CXF-8415:
-----------------------------------
[~ffang] do you recall this change? I am wondering if throwing an exception is
the way to go (since `verify` never returns `false` in fact), thank you.
> DefaultHostnameVerifier fails with HttpCore NIO
> -----------------------------------------------
>
> Key: CXF-8415
> URL: https://issues.apache.org/jira/browse/CXF-8415
> Project: CXF
> Issue Type: Bug
> Affects Versions: 3.4.1
> Environment: CXF version 3.4.1
> httpcore-nio version 4.4.13
> httpasyncclient version 4.1.4
> Reporter: Per-Ivar Bakke
> Priority: Major
>
> DefaultHostnameVerifier throws RuntimeException causing the IOReactor in
> HttpCore NIO to die. I have registered an issue on Apache HttpCore NIO
> HTTPCORE-660, but I really think this should be fixed in CXF.
> Please not that the [line in
> question|https://github.com/apache/cxf/blob/master/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java#L98]
> was changed from returning false to throwing RuntimeException as part of
> [CXF-7876|https://issues.apache.org/jira/browse/CXF-7876]. But, maybe a
> better approach would be to not catch the SSLException. This will not kill
> the IOReactor in HttpCore NIO.
> *Steps to reproduce*
> # Configure CXF to use [asynchronous client http
> transport|https://cxf.apache.org/docs/asynchronous-client-http-transport.html]
> # Test towards a server having a certificate with non-matching host (for
> instance [wrong.host.badssl.com|https://wrong.host.badssl.com/])
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
