Code example for SSLPeerUnverifiedException

0
      */ 
    private void verifyHostname(Socket socket, String hostname) throws IOException {
        // The code at the start of OpenSSLSocketImpl.startHandshake() 
        // ensures that the call is idempotent, so we can safely call it. 
        SSLSocket ssl = (SSLSocket) socket;
        ssl.startHandshake();
 
        SSLSession session = ssl.getSession();
        if (session == null) {
            throw new SSLException("Cannot verify SSL socket without session");
        } 
        // TODO: Instead of reporting the name of the server we think we're connecting to, 
        // we should be reporting the bad name in the certificate.  Unfortunately this is buried 
        // in the verifier code and is not available in the verifier API, and extracting the 
        // CN & alts is beyond the scope of this patch. 
        if (!HOSTNAME_VERIFIER.verify(hostname, session)) {
            throw new SSLPeerUnverifiedException(
                    "Certificate hostname not useable for server: " + hostname);
        } 
    }