Re: How Do I Set SNI (Server Name Identification)

2023-08-12 Thread Oleg Kalnichevski
On Sat, 2023-08-12 at 12:27 +0300, Petar Tahchiev wrote:
> Yes,
> like I already mentioned it is not a SNI problem.
> 
> Because I was using PoolingAsyncClientConnectionManager I decided to
> replace it with PoolingHttpClientConnectionManager and it worked. So
> the
> problem is not in the SNI but in the
> PoolingAsyncClientConnectionManager. I
> am following this guide exactly:
> https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html
> 
> and I don't know what to do - I always get
> org.apache.hc.core5.util.TimeoutValueException.
> 
> 


Petar

No one, just no one here is going to debug your code for you. Please
start with something very simple, something straight out of the
migration guide, make sure it works, and gradually make it more
complex, more specific to your particular application domain, step by
step. If at any point things stop working, you likely know what the
possible cause may be.

Oleg   


-
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org



Re: How Do I Set SNI (Server Name Identification)

2023-08-12 Thread Petar Tahchiev
Yes,
like I already mentioned it is not a SNI problem.

Because I was using PoolingAsyncClientConnectionManager I decided to
replace it with PoolingHttpClientConnectionManager and it worked. So the
problem is not in the SNI but in the PoolingAsyncClientConnectionManager. I
am following this guide exactly:
https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html

and I don't know what to do - I always get
org.apache.hc.core5.util.TimeoutValueException.


On Sat, 12.08.2023 at 12:16, Oleg Kalnichevski wrote:

> I see no evidence of SNI not working:

Re: How Do I Set SNI (Server Name Identification)

2023-08-12 Thread Oleg Kalnichevski
I see no evidence of SNI not working:

import java.net.InetAddress;
import java.util.concurrent.Future;

import javax.net.ssl.SSLSession;

import org.apache.hc.client5.http.async.methods.SimpleHttpRequest;
import org.apache.hc.client5.http.async.methods.SimpleHttpResponse;
import org.apache.hc.client5.http.async.methods.SimpleRequestBuilder;
import org.apache.hc.client5.http.async.methods.SimpleRequestProducer;
import org.apache.hc.client5.http.async.methods.SimpleResponseConsumer;
import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.concurrent.FutureCallback;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.message.StatusLine;
import org.apache.hc.core5.io.CloseMode;

// The imports and this class wrapper are not part of the post; they only make
// the snippet compile as a stand-alone program. The class name is arbitrary.
public class AsyncSniCheck {

    public static void main(final String[] args) throws Exception {
        try (final CloseableHttpAsyncClient client = HttpAsyncClients.custom()
                .build()) {

            client.start();

            // HttpHost carries the physical address to connect to (the IP of
            // www.google.com) separately from the logical host name
            // (www.google.ch) that goes into SNI and the Host header.
            final HttpHost endpoint = new HttpHost("https",
                    InetAddress.getByName("www.google.com"), "www.google.ch", 443);
            final HttpClientContext clientContext = HttpClientContext.create();

            final SimpleHttpRequest request = SimpleRequestBuilder.get()
                    .setPath("/")
                    .build();

            System.out.println("Executing request " + request);
            final Future<SimpleHttpResponse> future = client.execute(
                    endpoint,
                    SimpleRequestProducer.create(request),
                    SimpleResponseConsumer.create(),
                    null,
                    clientContext,
                    new FutureCallback<SimpleHttpResponse>() {

                        @Override
                        public void completed(final SimpleHttpResponse response) {
                            System.out.println(request + "->" + new StatusLine(response));
                            // the negotiated TLS session is exposed through the context
                            final SSLSession sslSession = clientContext.getSSLSession();
                            if (sslSession != null) {
                                System.out.println("SSL protocol " + sslSession.getProtocol());
                                System.out.println("SSL cipher suite " + sslSession.getCipherSuite());
                            }
                            System.out.println(response.getBody());
                        }

                        @Override
                        public void failed(final Exception ex) {
                            System.out.println(request + "->" + ex);
                        }

                        @Override
                        public void cancelled() {
                            System.out.println(request + " cancelled");
                        }

                    });
            future.get();

            System.out.println("Shutting down");
            client.close(CloseMode.GRACEFUL);
        }
    }
}

Executing request GET /
2023-08-12 11:11:53,809 DEBUG 
[main][org.apache.hc.client5.http.impl.async.InternalAbstractHttpAsyncClient] 
ex-01 preparing request execution
2023-08-12 11:11:53,817 DEBUG 
[main][org.apache.hc.client5.http.impl.async.AsyncProtocolExec] ex-01 
target auth state: UNCHALLENGED
2023-08-12 11:11:53,817 DEBUG 
[main][org.apache.hc.client5.http.impl.async.AsyncProtocolExec] ex-01 
proxy auth state: UNCHALLENGED
2023-08-12 11:11:53,819 DEBUG 
[main][org.apache.hc.client5.http.impl.async.AsyncConnectExec] ex-01 
acquiring connection with route {s}->https://www.google.ch:443
2023-08-12 11:11:53,819 DEBUG 
[main][org.apache.hc.client5.http.impl.async.InternalHttpAsyncClient] 
ex-01 acquiring endpoint (3 MINUTES)
2023-08-12 11:11:53,821 DEBUG 
[main][org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager] 
ex-01 endpoint lease request (3 MINUTES) [route: 
{s}->https://www.google.ch:443][total available: 0; route allocated: 0 of 5; 
total allocated: 0 of 25]
2023-08-12 11:11:53,823 DEBUG 
[main][org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager] 
ex-01 endpoint leased [route: {s}->https://www.google.ch:443][total 
available: 0; route allocated: 1 of 5; total allocated: 1 of 25]
2023-08-12 11:11:53,824 DEBUG 
[main][org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager] 
ex-01 acquired ep-01
2023-08-12 11:11:53,824 DEBUG 
[main][org.apache.hc.client5.http.impl.async.InternalHttpAsyncClient] 
ex-01 acquired endpoint ep-01
2023-08-12 11:11:53,824 DEBUG 
[main][org.apache.hc.client5.http.impl.async.InternalHttpAsyncClient] 
ep-01 connecting endpoint (null)
2023-08-12 11:11:53,825 DEBUG 
[main][org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager] 
ep-01 connecting endpoint to https://www.google.ch:443 (3 MINUTES)
2023-08-12 11:11:53,825 DEBUG 
[main][org.apache.hc.client5.http.impl.nio.MultihomeIOSessionRequester] 
www.google.ch:443 connecting null to www.google.com/142.250.184.68:443 (3 
MINUTES)
2023-08-12 11:11:53,890 DEBUG 
[httpclient-dispatch-1][org.apache.hc.client5.http.impl.nio.DefaultManagedAsyncClientConnection]
 c-00 start TLS
2023-08-12 11:11:53,904 DEBUG 
[httpclient-dispatch-1][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy]
 Enabled protocols: [TLSv1.2]
2023-08-12 11:11:53,904 DEBUG 
[httpclient-dispatch-1][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy]
 Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 

Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Shawn Heisey

On 8/10/23 14:03, Petar Tahchiev wrote:

Hi Jochen,
I don't have 2 different SSL certificates.
I have no idea what SNI is but that seems to be the only difference in the
log from curl and httpclient5.


https://en.wikipedia.org/wiki/Server_Name_Indication

Basically it's a feature of TLS that allows a client to send a hint to a 
server so it can decide which certificate to send.  With HTTPS, the SNI 
value is typically the same as the Host header value that is later sent 
over the encrypted channel.  With httpclient implementations, the SNI 
value is usually extracted from the URL that has been requested.  So a 
request for "https://www.example.com/some/path" would set the SNI and 
Host header to www.example.com.


This issue seems to be a case where the SNI value is missing, or maybe 
sent or interpreted as the literal string "null".


It seems odd that SNI could affect a server that doesn't have more than 
one certificate.  Unless the server is deciding to not proceed with the 
connection at all because it doesn't have a certificate that matches the 
missing or incorrect SNI value.


I have seen that things can often get fuzzy with Java software and TLS, 
because Sun wrote their own implementation of TLS for Java, and it 
sometimes does not behave exactly the same as other implementations. 
I'm not trying to say that their implementation is wrong, but it does 
behave differently than another implementation like openssl.


I hope you can get the info you need to work around the difficulty.

Thanks,
Shawn
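Shawn's description of SNI above, as an added illustration that is not part of the thread and not code from HttpClient or Tomcat: a minimal TLS 1.2 ClientHello is constructed with or without the server_name extension, and the SNI value is parsed back out the way a server does before choosing a certificate. All bytes are constructed sample data (zero randoms, two cipher suites, no key exchange); the IP-literal check follows RFC 6066, which is why a client connecting by IP must still be given the logical host name.

```python
"""Build and parse a TLS 1.2 ClientHello to show where the SNI value lives.

Added illustration for this thread, not code from HttpClient or Tomcat.
Everything here is constructed sample data.
"""
import ipaddress
import struct

TLS_HANDSHAKE = 0x16       # record content type
CLIENT_HELLO = 0x01        # handshake message type
EXT_SERVER_NAME = 0x0000   # RFC 6066 server_name extension
SNI_HOST_NAME = 0x00       # the only defined NameType


def build_client_hello(server_name=None):
    """Return a minimal ClientHello record; omit SNI when server_name is None.

    RFC 6066 forbids literal IP addresses in host_name, so an IP literal is
    rejected here rather than silently sent.
    """
    if server_name is not None:
        try:
            ipaddress.ip_address(server_name)
        except ValueError:
            pass
        else:
            raise ValueError("SNI host_name must be a DNS name, not an IP literal")
    body = b"\x03\x03" + bytes(32) + b"\x00"   # version, random, empty session id
    suites = b"\xc0\x2f\xc0\x30"                 # two ECDHE-RSA GCM suites
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                          # compression methods: null only
    extensions = b""
    if server_name is not None:
        name = server_name.encode("ascii")
        entry = struct.pack("!BH", SNI_HOST_NAME, len(name)) + name
        sni_list = struct.pack("!H", len(entry)) + entry
        extensions = struct.pack("!HH", EXT_SERVER_NAME, len(sni_list)) + sni_list
    body += struct.pack("!H", len(extensions)) + extensions
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0303, len(handshake)) + handshake


def extract_sni(record):
    """Return the host_name from the server_name extension, or None if absent."""
    if len(record) < 5 or record[0] != TLS_HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    p = hs[4:4 + hs_len]
    off = 2 + 32                                  # skip client_version and random
    off += 1 + p[off]                             # session_id
    (cs_len,) = struct.unpack("!H", p[off:off + 2])
    off += 2 + cs_len                             # cipher_suites
    off += 1 + p[off]                             # compression_methods
    if off + 2 > len(p):
        return None                               # no extensions block at all
    (ext_len,) = struct.unpack("!H", p[off:off + 2])
    off += 2
    end = off + ext_len
    while off + 4 <= end:
        ext_type, ext_size = struct.unpack("!HH", p[off:off + 4])
        off += 4
        data = p[off:off + ext_size]
        off += ext_size
        if ext_type != EXT_SERVER_NAME:
            continue
        (list_len,) = struct.unpack("!H", data[:2])
        q = 2
        while q + 3 <= 2 + list_len:
            name_type, name_len = struct.unpack("!BH", data[q:q + 3])
            q += 3
            if name_type == SNI_HOST_NAME:
                return data[q:q + name_len].decode("ascii")
            q += name_len
    return None


def describe(record):
    """Mimic a server-side log line: which name the client asked for, if any."""
    name = extract_sni(record)
    return "no SNI extension" if name is None else f"SNI host name [{name}]"


if __name__ == "__main__":
    print(describe(build_client_hello("localhost")))   # SNI host name [localhost]
    print(describe(build_client_hello()))              # no SNI extension
```

A server that sees the second hello has no name to select a certificate by, which is the situation the thread is trying to rule out.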




Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Gary Gregory
Hi Peter,

If we can improve our migration guide, then I'm all for it. I'm not sure
how to condense this into a simple before and after example though.

Gary

On Fri, Aug 11, 2023, 8:01 AM Petar Tahchiev  wrote:

> Hi Oleg,
> sorry but I am new with this. "This, of course, is not going to work" -
> what is not going to work and why not?
>
> "You need to pass HttpHost with the IP address of the physical endpoint.
> This cannot be done with Simple* messages. They are simple for a reason." -
> I don't understand this. Where do I need to pass the HttpHost? And why? The
> documentation here says nothing about HttpHost:
>
> https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html
>
> On Fri, 11.08.2023 at 13:48, Oleg Kalnichevski wrote:
>
> > On Fri, 2023-08-11 at 13:08 +0300, Petar Tahchiev wrote:
> > > Hello,
> > >
> > > so I'm getting closer. Because I was
> > > using PoolingAsyncClientConnectionManager I decided to replace it
> > > with PoolingHttpClientConnectionManager and it worked. So the problem
> > > is
> > > not in the SNI but in the PoolingAsyncClientConnectionManager. I am
> > > following this guide exactly:
> > >
> >
> https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html
> > >
> > > and I don't know what to do - I always get
> > > org.apache.hc.core5.util.TimeoutValueException.
> > >
> > > This is my code:
> >
> > This, of course, is not going to work. You need to pass HttpHost with
> > the IP address of the physical endpoint. This cannot be done with
> > Simple* messages. They are simple for a reason.
> >
> > Oleg

Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Petar Tahchiev
Hi Oleg,
sorry but I am new with this. "This, of course, is not going to work" -
what is not going to work and why not?

"You need to pass HttpHost with the IP address of the physical endpoint.
This cannot be done with Simple* messages. They are simple for a reason." -
I don't understand this. Where do I need to pass the HttpHost? And why? The
documentation here says nothing about HttpHost:
https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html

On Fri, 11.08.2023 at 13:48, Oleg Kalnichevski wrote:

> On Fri, 2023-08-11 at 13:08 +0300, Petar Tahchiev wrote:
> > Hello,
> >
> > so I'm getting closer. Because I was
> > using PoolingAsyncClientConnectionManager I decided to replace it
> > with PoolingHttpClientConnectionManager and it worked. So the problem
> > is
> > not in the SNI but in the PoolingAsyncClientConnectionManager. I am
> > following this guide exactly:
> >
> https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html
> >
> > and I don't know what to do - I always get
> > org.apache.hc.core5.util.TimeoutValueException.
> >
> > This is my code:
>
> This, of course, is not going to work. You need to pass HttpHost with
> the IP address of the physical endpoint. This cannot be done with
> Simple* messages. They are simple for a reason.
>
> Oleg

Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Oleg Kalnichevski
On Fri, 2023-08-11 at 13:08 +0300, Petar Tahchiev wrote:
> Hello,
> 
> so I'm getting closer. Because I was
> using PoolingAsyncClientConnectionManager I decided to replace it
> with PoolingHttpClientConnectionManager and it worked. So the problem
> is
> not in the SNI but in the PoolingAsyncClientConnectionManager. I am
> following this guide exactly:
> https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html
> 
> and I don't know what to do - I always get
> org.apache.hc.core5.util.TimeoutValueException.
> 
> This is my code:

This, of course, is not going to work. You need to pass HttpHost with
the IP address of the physical endpoint. This cannot be done with
Simple* messages. They are simple for a reason.

Oleg




Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Petar Tahchiev
Hello,

so I'm getting closer. Because I was
using PoolingAsyncClientConnectionManager I decided to replace it
with PoolingHttpClientConnectionManager and it worked. So the problem is
not in the SNI but in the PoolingAsyncClientConnectionManager. I am
following this guide exactly:
https://hc.apache.org/httpcomponents-client-5.2.x/migration-guide/migration-to-async-simple.html

and I don't know what to do - I always get
org.apache.hc.core5.util.TimeoutValueException.

This is my code:

try {
    // As posted: this TrustStrategy accepts every certificate chain and the
    // Noop verifier below skips host name checks, so TLS server
    // authentication is effectively disabled for this client.
    final SSLContext sslcontext = SSLContexts.custom()
            .loadTrustMaterial((chain, authType) -> true)
            .build();

    int timeout = 15;

    PoolingAsyncClientConnectionManager ccm = PoolingAsyncClientConnectionManagerBuilder.create()
            .setTlsStrategy(ClientTlsStrategyBuilder.create()
                    .setSslContext(sslcontext)
                    .setTlsVersions(TLS.V_1_2)
                    .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                    .build())
            .setConnectionTimeToLive(TimeValue.ofMinutes(1L))
            .build();

    try (CloseableHttpAsyncClient httpclient = HttpAsyncClients.custom()
            .setConnectionManager(ccm)
            .setDefaultRequestConfig(RequestConfig.custom()
                    .setConnectTimeout(Timeout.ofSeconds(timeout))
                    .setResponseTimeout(Timeout.ofSeconds(timeout))
                    // the log below reports this value as "Unsupported cookie spec";
                    // the HttpClient 5 constant is StandardCookieSpec.STRICT
                    .setCookieSpec("STANDARD_STRICT")
                    .build())
            .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
            .build()) {

        httpclient.start();

        // restBaseUrl, username and password come from surrounding code
        // that was not included in the post
        SimpleHttpRequest httpGet = SimpleHttpRequests.get(new URI(restBaseUrl + "auth"));
        httpGet.setHeader("X-Nemesis-Username", username);
        httpGet.setHeader("X-Nemesis-Password", password);

        Future<SimpleHttpResponse> future = httpclient.execute(httpGet, null);

        SimpleHttpResponse response = future.get(timeout, TimeUnit.SECONDS);

        final String responseText = response.getBody().getBodyText();
        // (the posted snippet ends here)
    }

and the worst part is I don't know how to debug it.
Here's the log:

=
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: preparing request execution
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG: Cookie
spec selected: STANDARD_STRICT
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
Unsupported cookie spec: STANDARD_STRICT
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG: Auth
cache not set in the context
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: target auth state: UNCHALLENGED
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: proxy auth state: UNCHALLENGED
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: acquiring connection with route {s}->https://localhost:8112
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: acquiring endpoint (3 MINUTES)
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: endpoint lease request (3 MINUTES) [route:
{s}->https://localhost:8112][total available: 0; route allocated: 0 of 5;
total allocated: 0 of 25]
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: endpoint leased [route: {s}->https://localhost:8112][total
available: 0; route allocated: 1 of 5; total allocated: 1 of 25]
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: acquired ep-0001
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ex-0002: acquired endpoint ep-0001
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ep-0001: connecting endpoint (15 SECONDS)
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
ep-0001: connecting endpoint to https://localhost:8112 (15 SECONDS)
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
https://localhost:8112: resolving remote address
2023-08-11 13:07:14,876 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
https://localhost:8112: resolved to [localhost/127.0.0.1]
2023-08-11 13:07:14,877 [https-jsse-nio-0.0.0.0-8443-exec-7] DEBUG:
https://localhost:8112: connecting null to localhost/127.0.0.1:8112 (15
SECONDS)
2023-08-11 13:07:14,877 [httpclient-dispatch-1] DEBUG:
https://localhost:8112: connected c-01 /127.0.0.1:52420->localhost/
127.0.0.1:8112
2023-08-11 13:07:14,877 [httpclient-dispatch-1] DEBUG: c-01: start
TLS
2023-08-11 13:07:14,877 [httpclient-dispatch-1] DEBUG: ep-0001:
connected c-01
2023-08-11 13:07:14,877 [httpclient-dispatch-1] DEBUG: ep-0001:
endpoint connected

Re: How Do I Set SNI (Server Name Identification)

2023-08-11 Thread Oleg Kalnichevski
On Thu, 2023-08-10 at 22:40 +0300, Petar Tahchiev wrote:
> Hmm,
> 
> I tried now setting the Host header:
> 
> 
> httpGet.setHeader("Host", "localhost");
> 
> 

This is wrong. You should not be doing that. You should let HttpClient
generate the Host header when appropriate. HttpClient will also
automatically take care of SNI for you.

Oleg





Re: How Do I Set SNI (Server Name Identification)

2023-08-10 Thread Petar Tahchiev
Hi Jochen,
I don't have 2 different SSL certificates.
I have no idea what SNI is but that seems to be the only difference in the
log from curl and httpclient5.

This is from curl:
--
 2023-08-10 21:34:05,099 org.apache.tomcat.util.threads.LimitLatch
[https-jsse-nio-0.0.0.0-8112-Acceptor] DEBUG: Counting
up[https-jsse-nio-0.0.0.0-8112-Acceptor] latch=1
 2023-08-10 21:34:05,101 org.apache.tomcat.util.net.SecureNioChannel
[https-jsse-nio-0.0.0.0-8112-exec-2] DEBUG: *The SNI host name extracted
for connection [java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112  remote=/127.0.0.1:55478
]] was [localhost]*
 2023-08-10 21:34:05,117 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-2] DEBUG: Registered write interest for
[org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]]
 2023-08-10 21:34:05,117 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-3] DEBUG: Registered write interest for
[org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]]
 2023-08-10 21:34:05,118 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-4] DEBUG: Registered read interest for
[org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]]
 2023-08-10 21:34:05,119 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-5] DEBUG: Registered write interest for
[org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]]
 2023-08-10 21:34:05,120 org.apache.tomcat.util.http.Parameters
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Set query string encoding to
UTF-8
 2023-08-10 21:34:05,120 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-6] DEBUG: Registered read interest for
[org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]]
 2023-08-10 21:34:05,120 org.apache.catalina.valves.RemoteIpValve
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Incoming request
/storefront/facade/auth with originalRemoteAddr [127.0.0.1],
originalRemoteHost=[127.0.0.1], originalSecure=[true],
originalScheme=[https], originalServerName=[localhost],
originalServerPort=[8112] will be seen as newRemoteAddr=[127.0.0.1],
newRemoteHost=[127.0.0.1], newSecure=[true], newScheme=[https],
newServerName=[localhost], newServerPort=[8112]
 2023-08-10 21:34:05,120
org.apache.catalina.authenticator.AuthenticatorBase
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Security checking request GET
/storefront/facade/auth
 2023-08-10 21:34:05,120 org.apache.catalina.realm.RealmBase
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG:   No applicable constraints
defined
 2023-08-10 21:34:05,120
org.apache.catalina.authenticator.AuthenticatorBase
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Not subject to any constraint
 2023-08-10 21:34:05,121 org.apache.tomcat.util.http.Parameters
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Set encoding to UTF-8
 2023-08-10 21:34:05,203 org.apache.tomcat.util.threads.LimitLatch
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Counting
down[https-jsse-nio-0.0.0.0-8112-exec-7] latch=1
 2023-08-10 21:34:05,203 org.apache.tomcat.util.net.NioEndpoint
[https-jsse-nio-0.0.0.0-8112-exec-7] DEBUG: Calling
[org.apache.tomcat.util.net.NioEndpoint@213543bc
].closeSocket([org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@555bd3a4
:org.apache.tomcat.util.net.SecureNioChannel@dcab21d:java.nio.channels.SocketChannel[connected
local=/127.0.0.1:8112 remote=/127.0.0.1:55478]])
 2023-08-10 21:34:12,172 org.apache.catalina.session.ManagerBase
[Catalina-utility-1] DEBUG: Start expire sessions StandardManager at
1691692452172 sessioncount 0
 2023-08-10 21:34:12,172 org.apache.catalina.session.ManagerBase
[Catalina-utility-1] DEBUG: End expire sessions StandardManager
processingTime 0 expired sessions: 0
---


this is from httpclient5:
---
2023-08-10 21:34:58,076 

Re: How Do I Set SNI(Server Name Indentification)

2023-08-10 Thread Jochen Wiedmann
Hi, Petar,

looking through

  https://tomcat.apache.org/tomcat-9.0-doc/config/http.html

I get the impression that SNI is a server-side issue. So, the actual
problem may be on the server side, rather than the client side. To
begin with: Do you really need two different SSL certificates within
one Tomcat? (Because that is what SNI appears to be about.)

Jochen

On Thu, Aug 10, 2023 at 9:41 PM Petar Tahchiev  wrote:
>
> Hmm,
>
> I tried now setting the Host header:
>
>
> httpGet.setHeader("Host", "localhost");
>
>
> yet tomcat still logs null for SNI
>
> На чт, 10.08.2023 г. в 22:21 ч. Jochen Wiedmann 
> написа:
>
> > On Thu, Aug 10, 2023 at 9:14 PM Petar Tahchiev 
> > wrote:
> >
> > > I found this gist which tells how to provide a SNI:
> > >
> > > https://gist.github.com/jkuipers/e0b35c21c466a9b4d88a
> > >
> > > but it is for HttpClient4 and I am unable to migrate the code to
> > > HttpClient5.
> >
> > From looking at the gist, all that it does is to set the "Host"
> > header. Surely, that's possible using the httpclient5 API.
> >
> > Jochen
> >
> >
> >
> > --
> > The woman was born in a full-blown thunderstorm. She probably told it
> > to be quiet. It probably did. (Robert Jordan, Winter's heart)
> >
> >
> >
>
> --
> Regards, Petar!
> Karlovo, Bulgaria.
> ---
> Public PGP Key at:
> http://pgp.mit.edu:11371/pks/lookup?op=get=0x19658550C3110611
> Key Fingerprint: A369 A7EE 61BC 93A3 CDFF  55A5 1965 8550 C311 0611



-- 
The woman was born in a full-blown thunderstorm. She probably told it
to be quiet. It probably did. (Robert Jordan, Winter's heart)




Re: How Do I Set SNI(Server Name Indentification)

2023-08-10 Thread Petar Tahchiev
Hmm,

I tried now setting the Host header:


httpGet.setHeader("Host", "localhost");


yet Tomcat still logs null for SNI.

На чт, 10.08.2023 г. в 22:21 ч. Jochen Wiedmann 
написа:

> On Thu, Aug 10, 2023 at 9:14 PM Petar Tahchiev 
> wrote:
>
> > I found this gist which tells how to provide a SNI:
> >
> > https://gist.github.com/jkuipers/e0b35c21c466a9b4d88a
> >
> > but it is for HttpClient4 and I am unable to migrate the code to
> > HttpClient5.
>
> From looking at the gist, all that it does is to set the "Host"
> header. Surely, that's possible using the httpclient5 API.
>
> Jochen
>
>
>
> --
> The woman was born in a full-blown thunderstorm. She probably told it
> to be quiet. It probably did. (Robert Jordan, Winter's heart)
>
>
>

-- 
Regards, Petar!
Karlovo, Bulgaria.
---
Public PGP Key at:
http://pgp.mit.edu:11371/pks/lookup?op=get=0x19658550C3110611
Key Fingerprint: A369 A7EE 61BC 93A3 CDFF  55A5 1965 8550 C311 0611


Re: How Do I Set SNI(Server Name Indentification)

2023-08-10 Thread Jochen Wiedmann
On Thu, Aug 10, 2023 at 9:14 PM Petar Tahchiev  wrote:

> I found this gist which tells how to provide a SNI:
>
> https://gist.github.com/jkuipers/e0b35c21c466a9b4d88a
>
> but it is for HttpClient4 and I am unable to migrate the code to
> HttpClient5.

From looking at the gist, all that it does is to set the "Host"
header. Surely, that's possible using the httpclient5 API.

Jochen



-- 
The woman was born in a full-blown thunderstorm. She probably told it
to be quiet. It probably did. (Robert Jordan, Winter's heart)




How Do I Set SNI(Server Name Indentification)

2023-08-10 Thread Petar Tahchiev
Hello,

I am facing a very weird issue. I have a project that uses HttpClient4 to
make a simple GET request to Apache Tomcat. It was all working fine.

Now I need to upgrade to HttpClient5. I managed to upgrade very easily - just
a few package renames. However, when I make the same request, Tomcat
never responds, so eventually HttpClient throws a SocketTimeout exception.

I enabled the Tomcat server logs and then tried curl - it works fine and I
see this line in the Tomcat logs:

 2023-08-10 21:34:05,101 org.apache.tomcat.util.net.SecureNioChannel
[https-jsse-nio-0.0.0.0-8112-exec-2] DEBUG: The SNI host name extracted for
connection [java.nio.channels.SocketChannel[connected local=/127.0.0.1:8112
remote=/127.0.0.1:55478]] was [localhost]


When I run it with HttpClient5, I see the SNI host name is null, and that
seems to me like the only difference.
I found this gist which tells how to provide an SNI:

https://gist.github.com/jkuipers/e0b35c21c466a9b4d88a

but it is for HttpClient4 and I am unable to migrate the code to
HttpClient5.

So my question is: Is there a way to provide an SNI host name?

Thank you
-- 
Regards, Petar!
Karlovo, Bulgaria.
---
Public PGP Key at:
http://pgp.mit.edu:11371/pks/lookup?op=get=0x19658550C3110611
Key Fingerprint: A369 A7EE 61BC 93A3 CDFF  55A5 1965 8550 C311 0611
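The thread above keeps circling around the HTTP `Host` header, but SNI is not an HTTP header: it is the `server_name` extension in the TLS ClientHello, filled in by the TLS layer before any HTTP bytes are sent, which is why `httpGet.setHeader("Host", ...)` leaves Tomcat logging a null SNI. In JSSE (the TLS stack both HttpClient4 and HttpClient5 sit on), the extension is populated from the host name the `SSLEngine` or `SSLSocket` was created with, and it is omitted when that peer host is an IP literal or absent. The code below is an added example written for this page, not code from the thread or from the HttpClient project; it uses only `javax.net.ssl` so that it can be run without a server, assumes the `localhost:8112` endpoint seen in the Tomcat logs, and never opens a connection. The helper names `sniOf`, `forceSni` and `SniDemo` are my own.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;

/**
 * Shows where JSSE takes the TLS server_name (SNI) value from and how to set it
 * explicitly. Nothing here connects anywhere; we only inspect SSLParameters.
 */
public class SniDemo {

    /** The SNI host names this engine would put into its ClientHello. */
    static List<SNIServerName> sniOf(SSLEngine engine) {
        return engine.getSSLParameters().getServerNames();
    }

    /** The SNI host names this (not yet connected) socket would send. */
    static List<SNIServerName> sniOf(SSLSocket socket) {
        return socket.getSSLParameters().getServerNames();
    }

    /**
     * Force a specific SNI host name regardless of how the socket was addressed.
     * This is the JSSE equivalent of what the HttpClient4 gist hooks into via
     * prepareSocket(): parameters must be set before the handshake starts.
     */
    static void forceSni(SSLSocket socket, String hostName) {
        SSLParameters params = socket.getSSLParameters();
        params.setServerNames(
            Collections.<SNIServerName>singletonList(new SNIHostName(hostName)));
        socket.setSSLParameters(params);
    }

    /** Same as above for an SSLEngine (what an async/NIO client uses). */
    static void forceSni(SSLEngine engine, String hostName) {
        SSLParameters params = engine.getSSLParameters();
        params.setServerNames(
            Collections.<SNIServerName>singletonList(new SNIHostName(hostName)));
        engine.setSSLParameters(params);
    }

    public static void main(String[] args) throws IOException, Exception {
        SSLContext ctx = SSLContext.getDefault();

        // 1. Engine created with a DNS name: JSSE derives the SNI from it.
        SSLEngine byName = ctx.createSSLEngine("localhost", 8112);
        byName.setUseClientMode(true);
        System.out.println("engine by host name : " + sniOf(byName));

        // 2. Engine created with an IP literal: JSSE sends no SNI at all.
        //    This is what a client does when it resolves the address itself
        //    and hands the TLS layer "127.0.0.1" instead of "localhost".
        SSLEngine byIp = ctx.createSSLEngine("127.0.0.1", 8112);
        byIp.setUseClientMode(true);
        System.out.println("engine by IP literal: " + sniOf(byIp));

        // 3. Explicit SNI on the same engine, independent of the peer host.
        forceSni(byIp, "localhost");
        System.out.println("engine, forced      : " + sniOf(byIp));

        // 4. The blocking-socket variant: an unconnected SSLSocket starts with
        //    no server names; set them before connect()/startHandshake().
        try (SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket()) {
            System.out.println("socket, unconnected : " + sniOf(socket));
            forceSni(socket, "localhost");
            System.out.println("socket, forced      : " + sniOf(socket));
        }
    }
}
```

Two practical checks follow from this. First, look at what the client hands to the TLS layer: if the target host was turned into an address or an IP string before the connection was created, the ClientHello carries no `server_name` and Tomcat will log exactly the null value seen in the thread. Second, the Tomcat `SecureNioChannel` DEBUG line quoted above is the authoritative server-side view of the extension, so compare that line, not the HTTP request headers, between the curl and HttpClient runs. On a server that selects its certificate per virtual host, a missing or wrong SNI means the default certificate is served and hostname verification on the client then fails or, as here, the server-side handling diverges from what the same request does over curl.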