[
https://issues.apache.org/jira/browse/HTTPCLIENT-1119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13796785#comment-13796785
]
Oleg Kalnichevski commented on HTTPCLIENT-1119:
-----------------------------------------------
I don't know. This only makes SNI support in Java 7 look shoddier to me. Anyway
I am glad the problem can be worked around this way though I do not quite
understand why creating a plain socket and then laying SSL over it should
behave differently than just creating a SSLSocket directly (which internally
should be doing the same anyway). I would happily commit the patch if you could
port and re-test it with HC 4.3.
Oleg
> Server Name Indication (SNI) Support
> ------------------------------------
>
> Key: HTTPCLIENT-1119
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1119
> Project: HttpComponents HttpClient
> Issue Type: Improvement
> Components: HttpClient
> Reporter: Gus Power
> Labels: sni, ssl, tls, vhost
> Fix For: Future
>
> Attachments: apache_httpclient_4.2.x_sni.patch,
> HTTPCLIENT-1119-support-SNI-on-Java-7-via-setHost-of.patch
>
>
> Provide support for Server Name Indication (SNI) support as per RFC 3546
> (section 3.1).
> Currently attempting to connect to SNI enabled host 'expectedhost' over SSL
> using http client results in an SSLException similar to:
> javax.net.ssl.SSLException: hostname in certificate didn't match:
> <expectedhost> != <defaulthost>
> at
> org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:220)
> We use SNI on some of our environments and were trying to use httpclient to
> automatically test host access and availability.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
