Sidney Beekhoven created HTTPCLIENT-1410:
--------------------------------------------

             Summary: AbstractVerifier.acceptableCountryWildcard check not strict enough
                 Key: HTTPCLIENT-1410
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1410
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.3 Final
            Reporter: Sidney Beekhoven


I work at a company called info.nl in the Netherlands, so our domain is 
info.nl. We have a wildcard certificate in use for several services, *.info.nl.

The AbstractVerifier has a method acceptableCountryWildcard which checks that 
you don't use e.g. *.co.uk as the wildcard in the certificate. The second to last 
domain part is checked against a fixed list, which includes info so our 
wildcard is not accepted.

Apparently there are some countries where info.<countrycode> is seen as a top 
level domain but that is not the case for the Netherlands. So the check on this 
is not strict enough and should also take into account the top level domain.




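The check described in this report, next to a variant that also takes the country code into account, as an added example (not HttpClient's code and not part of the original message). The class and method names, the sample list contents, and the restriction to `*.<label>.<two-letter TLD>` names are assumptions; it needs Java 9 or later.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Set;

public class CountryWildcardCheck {
    // Constructed sample list: the report only states that the real list contains "info";
    // "co" comes from the report's *.co.uk example.
    static final Set<String> BLOCKED_LABELS = Set.of("co", "info");

    // Hypothetical per-country data: second-level labels that act as registry
    // suffixes under a given country code. Only the report's co.uk case is listed.
    static final Map<String, Set<String>> REGISTRY_LABELS = Map.of("uk", Set.of("co"));

    // Splits "*.label.cc" into {label, cc}; returns null for any other shape.
    // Assumption: the check only concerns three-label names under a two-letter TLD.
    static String[] labelAndCountry(String cn) {
        String[] parts = cn.toLowerCase(Locale.ROOT).split("\\.");
        if (parts.length != 3 || !parts[0].equals("*") || parts[2].length() != 2) {
            return null;
        }
        return new String[] {parts[1], parts[2]};
    }

    // Behaviour described in the report: only the second-to-last label is compared
    // against the fixed list, whatever the country code is.
    static boolean acceptableLabelOnly(String cn) {
        String[] lc = labelAndCountry(cn);
        return lc == null || !BLOCKED_LABELS.contains(lc[0]);
    }

    // Stricter variant: reject only when the label is a registry suffix
    // under that specific country code.
    static boolean acceptablePerCountry(String cn) {
        String[] lc = labelAndCountry(cn);
        return lc == null || !REGISTRY_LABELS.getOrDefault(lc[1], Set.of()).contains(lc[0]);
    }

    public static void main(String[] args) {
        // Constructed inputs: the two names from the report plus an ordinary one.
        for (String cn : new String[] {"*.co.uk", "*.info.nl", "*.example.nl"}) {
            System.out.printf("%-14s label-only=%-5b per-country=%b%n",
                    cn, acceptableLabelOnly(cn), acceptablePerCountry(cn));
        }
    }
}
```

With the label-only check `*.info.nl` is rejected alongside `*.co.uk`; with the per-country lookup only `*.co.uk` is rejected.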