I'm using p2 as part of an rcp application to install some features from remote sites. Some of the sites have https access with invalid host names (this happens a lot if I have to access via a tunnel). Running a with standard settings I'm getting the following exception:
org.eclipse.equinox.p2.core.ProvisionException: Kann Repository https://localhost:8095/funtrade-test3/p2/content.xml nicht lesen.
...
Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <*.xxx.ch> OR <*.xxx.ch> OR <xxx.ch>
(I changed the actual host names).
When setting up an HttpClient one can easily configure a HostNameVerifier that would accept the localhost in this case. But the HttpClient that is used by p2 via ecf cannot be configured in any way as far as I can see.
My current workaround ist just to disable HttpClient based transport by setting the system property
org.eclipse.ecf.provider.filetransfer.excludeContributors=org.eclipse.ecf.provider.filetransfer.httpclient4
With this property p2 uses a HttpsURLConnection which I can configure (globally) with
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
So, is there a possibility to access the HttpClient or supply a factory to create one or something else that can influence the hostname verification of p2?
Peter