Exactly, it's enough to create SSLEngine using
SSLContext.createSSLEngine(host, port) and pass the host name.
I don't remember what we do in ahc, so will appreciate if you can
doublecheck that.
Thank you.
WBR,
Alexey.
On 23.01.15 12:21, Daniel Feist wrote:
> Simply replace SSLFilter with SNIFilter in the provider implementation.
>
> But TBH looking at SNI more closely I dont think this approach with
> SNIFilter is even required for outbound http. Ensuring the socket is
> created with the hostname and not ip is enough. So hold off for a
> while and I'll come back to you..
>
> Dan
>
> On Fri, Jan 23, 2015 at 7:42 PM, Oleksiy Stashok
> <oleksiy.stashok_at_oracle.com> wrote:
>> Pls. share the "hack" - I can commit it to ahc.
>>
>> WBR,
>> Alexey.
>>
>>
>> On 23.01.15 04:35, Daniel Feist wrote:
>>> Fanstastic, works a treat. Just had to hack AHC a bit to use it :-(
>>>
>>> Dan
>>>
>>> On Fri, Jan 23, 2015 at 1:14 AM, Oleksiy Stashok
>>> <oleksiy.stashok_at_oracle.com> wrote:
>>>> Hi Dan,
>>>>
>>>> yes, SNIFilter is compatible with SSLFilter, it just extends it with SNI
>>>> support.
>>>>
>>>> WBR,
>>>> Alexey.
>>>>
>>>>
>>>> On 22.01.15 16:44, Daniel Feist wrote:
>>>>> Hi,
>>>>>
>>>>> Just a very quick question. Is the use of SNIFilter instead of
>>>>> SSLFilter fully compatible with the SSLFilter.
>>>>>
>>>>> i.e Can i always use the SNIFilter for SSL and have SNI supported, but
>>>>> also not have to worry if SNI isn't supported/required by the target
>>>>> server? It looks like it is, but this isn't clear from javadoc, so
>>>>> wanted to check.
>>>>>
>>>>> thanks!
>>>>> Dan
>>>>