diff options
Diffstat (limited to 'http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java')
-rw-r--r-- | http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java b/http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java index 219f1707589..50af29f92aa 100644 --- a/http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java +++ b/http-utils/src/main/java/ai/vespa/util/http/hc5/VespaAsyncHttpClientBuilder.java @@ -11,6 +11,7 @@ import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder; import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; import org.apache.hc.core5.http.nio.ssl.TlsStrategy; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLParameters; /** @@ -37,13 +38,17 @@ public class VespaAsyncHttpClientBuilder { } public static HttpAsyncClientBuilder create(AsyncConnectionManagerFactory factory) { + return create(factory, new NoopHostnameVerifier()); + } + + public static HttpAsyncClientBuilder create(AsyncConnectionManagerFactory factory, HostnameVerifier hostnameVerifier) { HttpAsyncClientBuilder clientBuilder = HttpAsyncClientBuilder.create(); TlsContext vespaTlsContext = TransportSecurityUtils.getSystemTlsContext().orElse(null); TlsStrategy tlsStrategy; if (vespaTlsContext != null) { SSLParameters vespaTlsParameters = vespaTlsContext.parameters(); tlsStrategy = ClientTlsStrategyBuilder.create() - .setHostnameVerifier(new NoopHostnameVerifier()) + .setHostnameVerifier(hostnameVerifier) .setSslContext(vespaTlsContext.context()) .setTlsVersions(vespaTlsParameters.getProtocols()) .setCiphers(vespaTlsParameters.getCipherSuites()) |