Andy Signer created HTTPCLIENT-1906:

             Summary: HttpClient rejects valid certificates with subjectAltNames
                 Key: HTTPCLIENT-1906
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient (classic)
    Affects Versions: 5.0 Alpha2, 4.5.3
            Reporter: Andy Signer

A certificate containing only an email address (declared as rfc822Name) in 
subjectAltName gets rejected. This change was introduced with HTTPCLIENT-1802.

HttpClient should fall back onto CN for hostname verification instead of 
rejecting the certificate as invalid.

A unit test demonstrating the issue:


This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to