Relax X509TrustManager requirement

[yschimke]

Okhttp with custom key/trust managers should support other providers.

Probably returning an empty list of certs, or raw access to handshake?

[yschimke]

The other option since there isn't much OkHttp can do here, is to provide a well known value signalling the trust all isn't used.

OkHttpClient.Builder()
            .sslSocketFactory(sslSocketFactory, TrustManagers.SocketFactoryOnly)