[
https://issues.apache.org/jira/browse/DIRMINA-1122?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcin L updated DIRMINA-1122:
------------------------------
Description:
Support for endpoint identification algorithm was added in Java 1.7. Currently
MINA supports providing single SNI name via
org.apache.mina.filter.ssl.SslFilter#PEER_ADDRESS session attribute, but there
is no way verifying it matches the certificate received.
It would be nice if we could provide endpoint identification algorithm to
SslFilter so certificate's common name or subject alternative names are
verified.
was:
Support for endpoint identification algorithm was added in Java 1.7. Currently
MINA supports providing single SNI name via
org.apache.mina.filter.ssl.SslFilter#PEER_ADDRESS session attribute, but there
is no way verifying it matches the certificate received.
It would be nice if we could provide endpoint identification algorithm to
SSLFilter so certificate's common name or subject alternative names are
verified.
> Add support for endpoint identification algorithm
> -------------------------------------------------
>
> Key: DIRMINA-1122
> URL: https://issues.apache.org/jira/browse/DIRMINA-1122
> Project: MINA
> Issue Type: Improvement
> Components: Filter, SSL
> Affects Versions: 2.0.22, 2.1.3
> Reporter: Marcin L
> Priority: Minor
>
> Support for endpoint identification algorithm was added in Java 1.7.
> Currently MINA supports providing single SNI name via
> org.apache.mina.filter.ssl.SslFilter#PEER_ADDRESS session attribute, but
> there is no way verifying it matches the certificate received.
> It would be nice if we could provide endpoint identification algorithm to
> SslFilter so certificate's common name or subject alternative names are
> verified.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
