Which protocol socket factories actually use the truststore in Apache HttpClient?
Issue
- I can see in
httpclient-8443.properties
of thewebservice_proxy_security
quickstart there are four protocol socket factories:
#protocol-socket-factory=org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory
protocol-socket-factory=org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.SelfSignedSSLProtocolSocketFactoryBuilder
#protocol-socket-factory=org.jboss.soa.esb.http.protocol.AuthSSLProtocolSocketFactoryBuilder
- Among the above protocol socket factories, I found that
EasySSLProtocolSocketFactory
in fact does not use thetruststore
property and thus does not perform hostname verification. - Which ones actually use the
truststore
property?
Environment
- JBoss Enterprise SOA Platform (SOA-P)
- 5.x
- SOAPClient / SOAPProxy / HttpRouter
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.