Hi,
I want to connect to a site where I know that the site name is different than the name in the certificate (I know it is bad, but it is so ;-) )
My connection is refused by Java since the hostname verifier is not properly set.
In fact, the JsseSSLManager properly initialises the context with an "Always Trust" manager and an "Always accept" hostname verifier. So, I checked why it was not used properly.
In HTTPSample manager, the code says:
conn= (HttpURLConnection) u.openConnection();
if ("https".equalsIgnoreCase(u.getProtocol()))
{
try
{
SSLManager.getInstance().setContext(conn);
}
...Although it seems correct, it means that the connection is built BEFORE the SSLManager is initialised and providing good default values.
The setContext only sets the factory.
I replaced it by the following code:
if ("https".equalsIgnoreCase(u.getProtocol()))
{
SSLManager sslManager = SSLManager.getInstance();
}conn= (HttpURLConnection) u.openConnection();
if ("https".equalsIgnoreCase(u.getProtocol()))
{
try
{
sslManager.setContext(conn);
}and it works correctly: the SSLManager is instanciated, the context is initialised >before< creation of the connection.
Pierre A.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
