A DESCRIPTION OF THE PROBLEM :
The previous HttpURLConnection client has setSSLSocketFactory. The new HttpClient only allows specification of the SSLContext. The ability to override the socket factory in use allowed customisations like implementing TLS protected HTTP proxies, i.e. where TLS needs to be applied to the connection to the proxy, as well as to the end to end connection. The new HttpClient sources its socket factory from the SSLContext, in which the method is final and so techniques like subclassing cannot be performed. In summary there is no way to implement encrypted proxy connections evident in the new HttpClient implementation.
The previous HttpURLConnection client has setSSLSocketFactory. The new HttpClient only allows specification of the SSLContext. The ability to override the socket factory in use allowed customisations like implementing TLS protected HTTP proxies, i.e. where TLS needs to be applied to the connection to the proxy, as well as to the end to end connection. The new HttpClient sources its socket factory from the SSLContext, in which the method is final and so techniques like subclassing cannot be performed. In summary there is no way to implement encrypted proxy connections evident in the new HttpClient implementation.
- relates to
-
JDK-8253414 Ability to use secure proxy servers
-
- Open
-