0

I'm hoping someone can help me with this. I'm using the following :

  • WildFly 9
  • jbossws-cxf-*-5.0.0.Final
  • cxf-core-3.0.5

and I am dealing with an integration issue with a partner endpoint related to SNI in the HTTPS handshake. Following along with another site (here) I have been able to create a custom SSLSocketFactory and set that as the default SSLSocketFactory, but then I ran into the issue where CXF does not use the default SSLSocketFactory(here). With that I have not found a way to inform CXF to use the default SSLSocketFactory through configuration.

By debugging I was able to set the httpsURLConnectionDefaultHostnameVerifier on the TLSClientParameters to true and confirmed that this resolves the issue. I have also seen a number of posts that imply that this value can be set via a configuration file(JBoss WS config or CXF config) or as a startup parameter, but I have not been able to find a way to do this.

Has anyone else been able to accomplish this and if so can you share how?

Tristan
  • 279
  • 5
  • 21

1 Answers1

0

So the only answer I could find to this particular issue was pretty brute force/ugly, but here goes in hopes it may save someone some pain later.

  1. I created a custom SSLSocketFactory and set that as the default at startup.
  2. This factory will return a custom connection implementation that extends the CXF extend the SOAPConnectionImpl that will set setUseHttpsURLConnectionDefaultSslSocketFactory to true on the TLSClientParameters.
  3. This is set on the URLConnectionHTTPConduit in turn
  4. Lastly I had to use a ThreadLocal class to hold the host name which is used by the custom SSLSocketFactory
Tristan
  • 279
  • 5
  • 21