Our web application calls several web services internally using Jersey client API. Few services are secure and we use certificates to authenticate.
Due to some reasons we want to disable hostname verification on few services.
So I searched for some examples and found the below links and the service started working as expected after disabling the verification.
While going through the third link I noticed a call to HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
I am assuming that, because of the above call, hostname verification will be disabled on all subsequent web service calls.
If my assumption is right, how do I disable verification only on a particular service?
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
if(hostname.equals("xyz")) {
return true;
} else {
// How do I implement this section?
// if I return false will the server perform the verification? If not how do I implement this?
}
}
};