On Tue, 2019-12-03 at 16:45 +0100, Oleg Kalnichevski wrote: > What I immediately see if that the server sends a different (broken) > SSL certificate chain during the TLS handshake with > RawSSLAsyncRegularTest example. At this point I _cannot_ confirm that > as HttpClient's fault but I will take a closer look tomorrow. > > Oleg > > > On Tue, 2019-12-03 at 15:35 +0100, Nicolas de Pomereu wrote: > > Hi, > > > > With HttpClient 5.0-beta6 Classic APIs, HttpClient call will work > > using > > HttpHost with following code, even if initHost IP is different from > > destServerNameIP: > > > > initHost = "www.acme.com"; > > destServerNameIP = "100.100.100.100"; > > destScheme = "https"; > > port = 443; > > > > InetAddress inetAddress = > > InetAddress.getByName(destServerNameIP); > > final HttpHost target = new HttpHost(destScheme, inetAddress, > > initHost, > > port); > > > > With HttpClient 5.0-beta6 new Async APIs for HTTP/2, HttpClient > > will fail > > with a SSLEngineException failure if initHost IP is different from > > destServerNameIP. > > > > Is this a new feature or a bug please? > >
I found out that async versions of HttpClient presently do not take InetAddress parameter of HttpHost into account. Feel free to raise a JIRA if you want to track resolution of this defect. I am seriously considering removing InetAddress attribute from HttpHost. It should have never been added to the class in the first place. Though I will see if there is an alternative fix that does not involve any changes to the HttpHost as the first step. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
