[
https://issues.apache.org/jira/browse/HTTPCLIENT-1407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski deleted HTTPCLIENT-1407:
------------------------------------------
> AbstractVerfifier.acceptableCountryWildcard not strict enough
> -------------------------------------------------------------
>
> Key: HTTPCLIENT-1407
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1407
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Reporter: Sidney Beekhoven
> Labels: certificate, ssl, wildcard
>
> I work at a company called info.nl in the Netherlands, so our domain is
> info.nl. We have a wildcard certificate in use for several services,
> *.info.nl.
> The AbstractVerifier has a method acceptableCountryWildcard which checks that
> you don't use eg *.co.uk as the wildcard in the certificate. The second to
> last domain part is checked against a fixed list, which includes info so our
> wildcard is not accepted.
> Apparantly there are some countries where info.<countrycode> is seen as a top
> level domain but that is not the case for the netherlands. So the check on
> this is not strict enough and should also take into account the top level
> domain.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
