fix: 비-mTLS https 연결 시 testMode에서 hostname 검증 우회 적용
TrustAllStrategy 사용 시에도 DefaultHostnameVerifier가 적용되어 외부 testmaster 인증서 hostname mismatch 오류 발생. testMode(-Duse.test.trust=y)일 때 NoopHostnameVerifier 적용하여 해결. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+14
-2
@@ -366,8 +366,20 @@ public abstract class HttpClient5AdapterServiceSupport implements HttpClientAdap
|
||||
}
|
||||
else {
|
||||
sslContext = SSLContextBuilder.create().loadTrustMaterial(new TrustAllStrategy()).build();
|
||||
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
|
||||
cmBuilder.setSSLSocketFactory(csf);
|
||||
SSLConnectionSocketFactory sslSocketFactory = null;
|
||||
if(testMode) {
|
||||
// Hostname verifier 비활성화 (테스트용)
|
||||
sslSocketFactory = new SSLConnectionSocketFactory(
|
||||
sslContext
|
||||
, NoopHostnameVerifier.INSTANCE
|
||||
);
|
||||
}
|
||||
else {
|
||||
sslSocketFactory = new SSLConnectionSocketFactory(
|
||||
sslContext
|
||||
);
|
||||
}
|
||||
cmBuilder.setSSLSocketFactory(sslSocketFactory);
|
||||
}
|
||||
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException
|
||||
|
||||
Reference in New Issue
Block a user