hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Self-signed SSL certificates
Date Tue, 12 Nov 2013 09:35:22 GMT
On Tue, 2013-11-12 at 00:43 +0100, Sebastiano Vigna wrote:
> On 11 Nov 2013, at 9:29 PM, Oleg Kalnichevski <olegk@apache.org> wrote:
> 
> > ---
> > SSLContext sslcontext = SSLContexts.custom()
> >        .loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
> > CloseableHttpClient client = HttpClients.custom()
> >        .setSslcontext(sslcontext)
> >        .build();
> > ---
> 
> 
> I know this is not tecnically an HTTP Client question, but can SSLContext objects be
shared between HTTP clients? TrustSelfSignedStrategy is stateless, so it can be shared, but
it is really not clear from Java's documentation whether the SSLContext object is stateless.
> 

I once spent a considerable amount of time trying to find out whether or
not SSLContext instances are reentrant and thread safe. I did not manage
to have found an explicit statement to that effect in Oracle
documentation. Just looking at the Oracle's implementation of the class
it appears that access to _some_ of its internals is synchronized.
Moreover SSLContext instance is shared by all socket factories that it
spawns (at least in recent Oracle's JREs) which again seems to suggest
its code being reentrant and thread safe.  

Oleg


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message