opentelemetry-java

Add a custom HostnameVerifier for OTLPHttpExporter

Open Gargeebhase opened this issue 2 months ago • 2 comments

Is your feature request related to a problem? Please describe.
We want to ingest telemetry into an OTLP endpoint - the authentication mechanism for that endpoint is a SPIFFE implementation. SPIFFE uses mTLS and uses URIs in the X.509 certificate's SAN, not DNS names. Default hostnameVerification in the HTTP clients requires a DNS name in SAN, which SPIFFE certificates do not have. I could not find a way to set a custom HostnameVerifier for the OTLP exporter - due to this, hostnameVerification fails.

Describe the solution you'd like
A way to set custom hostnameVerification for HTTP clients for the OTLP exporter - maybe something like setHostnameVerifier() here: https://github.com/open-telemetry/opentelemetry-java/blob/main/exporters/sender/okhttp/src/main/java/io/opentelemetry/exporter/sender/okhttp/internal/OkHttpHttpSender.java#L106

Describe alternatives you've considered
We've explored running OTel collector sidecars for authentication; however, that leads to increased resource usage and we would like to achieve this using the SDK if possible.



Gargeebhase avatar Oct 28 '25 00:10 Gargeebhase
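
The kind of verifier the request above is asking to plug in, as an added example that is not part of the original thread or of opentelemetry-java: a `javax.net.ssl.HostnameVerifier` that ignores the DNS hostname and accepts the peer only if its leaf certificate carries exactly one URI SAN equal to an expected SPIFFE ID. The class name `SpiffeIdVerifier` and the SPIFFE ID in `main` are assumptions made for illustration; certificate chain validation is assumed to still be done by the configured trust manager.

```java
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

// Hypothetical class: pins the peer to one SPIFFE ID instead of matching a DNS name.
public final class SpiffeIdVerifier implements HostnameVerifier {
  private static final Integer SAN_TYPE_URI = 6; // GeneralName uniformResourceIdentifier
  private final String expectedSpiffeId;

  public SpiffeIdVerifier(String expectedSpiffeId) {
    this.expectedSpiffeId = expectedSpiffeId;
  }

  @Override
  public boolean verify(String hostname, SSLSession session) {
    try {
      Certificate[] chain = session.getPeerCertificates(); // leaf certificate comes first
      if (chain.length == 0 || !(chain[0] instanceof X509Certificate)) return false;
      X509Certificate leaf = (X509Certificate) chain[0];
      return matches(leaf.getSubjectAlternativeNames(), expectedSpiffeId);
    } catch (SSLPeerUnverifiedException | CertificateParsingException e) {
      return false; // fail closed on any parsing or handshake problem
    }
  }

  // Each SAN entry is [Integer type, value]; require exactly one URI SAN, equal to the expected ID.
  static boolean matches(Collection<List<?>> sans, String expected) {
    if (sans == null) return false; // certificate has no SAN extension
    String uri = null;
    for (List<?> san : sans) {
      if (san.size() >= 2 && SAN_TYPE_URI.equals(san.get(0))) {
        if (uri != null) return false; // more than one URI SAN: reject
        uri = String.valueOf(san.get(1));
      }
    }
    return uri != null && uri.equals(expected);
  }

  public static void main(String[] args) {
    String id = "spiffe://example.org/otel/collector"; // constructed sample SPIFFE ID
    if (!matches(List.of(List.of(6, id)), id)) throw new AssertionError("URI SAN should match");
    if (matches(List.of(List.of(2, "collector.example.org")), id)) throw new AssertionError("DNS SAN must not match");
  }
}
```

With OkHttp used directly, such a verifier is installed through `OkHttpClient.Builder.hostnameVerifier(...)`; the OTLP exporter builder exposing an equivalent setter is what this issue requests.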

Does anyone know if it's possible to implement this by customizing SSLContext, X509TrustManager? I suspect not but still getting up to speed on the subject.

It doesn't appear that the JDK 11+ HttpClient supports customizing hostname verification. So if we did add this option, it would not be supportable in all sender implementations: https://bugs.openjdk.org/browse/JDK-8213309

jack-berg avatar Nov 01 '25 01:11 jack-berg

To my knowledge, also, no - it's not possible to implement this by customizing SSLContext, X509TrustManager.

Gargeebhase avatar Nov 05 '25 13:11 Gargeebhase