Description
Currently, we're using OpenSSL to fetch the remote certificate, but it doesn't work well in the following scenario:
- Support External Proxy (HTTP/HTTPS and Socks5)
- Custom Client Certificate
- Get some errors if the domain is on an internal network
- Some crashes on OpenSSL
- Hard to extend the feature since it's low-level code
It's time to refactor it and find a better alternative.
Acceptance Criteria
- Use
NIOSSLClientHandler and NIOSSLCustomVerificationCallback to get the Remote Certificate during Certificate Evaluation
- Remove all OpenSSL and relevant code
- Test some edge cases and make sure it works
Description
Currently, we're using OpenSSL to fetch the remote certificate, but it doesn't work well in the following scenario:
It's time to refactor it and find a better alternative.
Acceptance Criteria
NIOSSLClientHandlerandNIOSSLCustomVerificationCallbackto get the Remote Certificate during Certificate Evaluation