[
https://issues.apache.org/jira/browse/HTTPCLIENT-2058?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski resolved HTTPCLIENT-2058.
-------------------------------------------
Resolution: Duplicate
> DefaultHostnameVerifier does not verify local DNS names
> -------------------------------------------------------
>
> Key: HTTPCLIENT-2058
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2058
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.5.11
> Reporter: Farzad Kohantorabi
> Priority: Major
> Attachments: httpcomponentsbug.zip
>
>
> This seems to be a problem that's introduced in 4.5.11.
> DefaultHostnameVerifier does not verify local DNS names anymore and throws
> the following error for one of our certs. The same code works fine in 4.5.10.
> {code:java}
> Certificate for <app-uat.le.dp.xyz.local> doesn't match any of the subject
> alternative names: [app-uat.le.dp.xyz.local, C1234.LE.DP.XYZ.LOCAL] executing
> POST https://app-uat.le.dp.xyz.local:8443/someurl {code}
> I traced the issue down to
> org.apache.http.conn.ssl.DefaultHostnameVerifier#matchIdentity line 204 where
> publicSuffixMatcher.getDomainRoot(identity, domainType) returns null for
> app-uat.le.dp.xyz.local where as in version 4.5.10 it returns "local".
> Attached maven project has a unit test that uses a self signed cert to
> exhibit the problem. I've included both the cert and the file that I used to
> create the cert.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
