aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java5
1 files changed, 4 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java
index c0ba1d96d..d5c7d9100 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java
@@ -66,13 +66,16 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{
if (metadataURL.startsWith("https:")) {
try {
+ //FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
PVPConstants.SSLSOCKETFACTORYNAME,
AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(),
null,
AuthConfiguration.DEFAULT_X509_CHAININGMODE,
AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(),
- AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder());
+ AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(),
+ AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean(
+ AuthConfiguration.PROP_KEY_SSL_HOSTNAME_VALIDATION, false));
httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 16:33:19 +0000