From c4be72d3d89516332952d4f4823c8a238f239790 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Lindstr=C3=B6m?= <martin.lindstrom@litsec.se>
Date: Thu, 26 Oct 2023 22:15:25 +0200
Subject: [PATCH] IS-167 Hostname verification disabled

---
 .../authn/saml/config/MetadataProviderConfiguration.java      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/authn/saml/src/main/java/se/swedenconnect/signservice/authn/saml/config/MetadataProviderConfiguration.java b/authn/saml/src/main/java/se/swedenconnect/signservice/authn/saml/config/MetadataProviderConfiguration.java
index 68956374..5bf0e158 100644
--- a/authn/saml/src/main/java/se/swedenconnect/signservice/authn/saml/config/MetadataProviderConfiguration.java
+++ b/authn/saml/src/main/java/se/swedenconnect/signservice/authn/saml/config/MetadataProviderConfiguration.java
@@ -30,7 +30,7 @@
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.hc.client5.http.classic.HttpClient;
-import org.apache.hc.client5.http.ssl.DefaultHostnameVerifier;
+import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
 
 import jakarta.annotation.Nonnull;
 import jakarta.annotation.Nullable;
@@ -206,7 +206,7 @@ else if (StringUtils.isNotBlank(this.file)) {
   protected HttpClient createHttpClient() {
     try {
       final List<TrustManager> managers = Arrays.asList(HttpClientSupport.buildNoTrustX509TrustManager());
-      final HostnameVerifier hnv = new DefaultHostnameVerifier();
+      final HostnameVerifier hnv = new NoopHostnameVerifier();
 
       HttpClientBuilder builder = new HttpClientBuilder();
       builder.setUseSystemProperties(true);