I dig a bit deeper on this subject and I think it has been introduced by
https://github.com/openjdk/jdk/commit/ba837b4bfa2dea85653d8a8fccd0817a569b4378#diff-25625467b43d4f533bace30665a2d8aaaf60ec7323bd424ff7683e5afd722d14R130
using the hostname from the HTTP request and not using sslParameters#setServerNames
anymore. In the library, I force the IP in the HTTP request to enforce the target IP
keeping the HTTP host header and SNI aligned with the actual value. The detected SNI
is then empty, is it possible to support both detected and specified SNI? Thanks for
the help in advance, Best regards, Nicolas Henneaux On Nov 18, 2024, at 4:25 PM,
Nicolas Henneaux <nico...@henneaux.io> wrote: Hi all, I have built a small
library to target several IP behind a given HTTPS endpoint based on java.net
.http.HttpClient, https://github.com/nhenneaux/resilient-httpclient . It relies for
some endpoints on SNI server name specified through method java.net
.http.HttpClient.Builder#sslParameters#setServerNames. Since Java 22, it does not
work properly for some endpoints, e.g. google.com . I have enabled debug ssl logs and
I get the following log indicating the SNI is ignored. javax.net
.ssl|WARNING|62|HttpClient-1-Worker-0|2024-11-18 15:51:49.496
CET|ServerNameExtension.java:265|Unable to indicate server name javax.net
.ssl|DEBUG|62|HttpClient-1-Worker-0|2024-11-18 15:51:49.496
CET|SSLExtensions.java:272|Ignore, context unavailable extension: server_name I have
a pull request showing the issue for some hosts
https://github.com/nhenneaux/resilient-httpclient/pull/68/files . Is it something
expected on Java 22+ or a bug was introduced? Thank you for your help, Best regards,
Nicolas Henneaux
