Andy Signer created HTTPCLIENT-1906: ---------------------------------------
Summary: HttpClient rejects valid certificates with subjectAltNames Key: HTTPCLIENT-1906 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1906 Project: HttpComponents HttpClient Issue Type: Bug Components: HttpClient (classic) Affects Versions: 5.0 Alpha2, 4.5.3 Reporter: Andy Signer A certificate containing only an email address (declared as rfc822Name) in subjectAltName gets rejected. This change was introduced with HTTPCLIENT-1802. HttpClient should fall back onto CN for hostname verification instead of rejecting the certificate as invalid. A unit test demonstrating the issue: https://github.com/asigner/httpcomponents-client/commit/e2e5c422ad201fc4a4df07e05ffda522ed626008 See http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201802.mbox/%3cCAG5G_q+fh1p54gOO=_kln09+9rizcfxgpmfevue3iq3rp8i...@mail.gmail.com%3e -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org