Could you create a test-case to reproduce the problem? Colm.
On Tue, Apr 11, 2017 at 9:14 PM, KARR, DAVID <[email protected]> wrote: > So, I got my little client prototype working in "happy path", and I > managed to accidentally discover a way to make the server response barf and > give me back a fatal HTML response (which will be rare, but I have to know > when it happens), so I added a catch clause for ResponseProcessingException > so I could get the HTML text. > > Now I wanted to try to understand what I accidentally discovered, which > made the service call fail. > > In my client initialization code, I have a block like this: > ------------------- > builder.hostnameVerifier((host, session) -> { > try { > Certificate[] certs = > session.getPeerCertificates(); > return certs != null && certs[0] > instanceof X509Certificate; > } > catch (SSLException ex) { > return false; > } > }); > --------------- > > When I comment this out, I get HTML that essentially says "An attempt to > authenticate with a client certificate failed." Ok, so I was just a little > curious to see when or how that "host name verifier" is called. So I ran > the test in debug, setting breakpoints in the try and catch block. No > breakpoints were hit. I then added print statements in the lambda, both at > the top and in the catch clause. Nothing comes out. I then added a flag > to the parent instance and set it in the body of the lambda, and then > printed out the value after I got the response, and the flag was not set. > > From the evidence I'm seeing, it almost seems like just the presence of > ANY host name verifier allows the verification to succeed, without even > executing it. That can't be right. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
