Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Am Dienstag, dem 12.09.2023 um 14:39 + schrieb Michael Osipov: > How, did you expect us to write an custom JSSE provider? The old pre 4.x http components had their own http classes and did not use the JSSE base ones - if I remember right - for their implementation, so it seemed not that

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Am Dienstag, dem 12.09.2023 um 17:54 +0200 schrieb Oleg Kalnichevski: > Confirms how? HttpClient has always been using JSSE APIs and nothing > else. Like it does now. I said the old HttpComponents had their own http classes and if you look at the code of HttpConnection, it does not extend / use

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Am Dienstag, dem 12.09.2023 um 17:42 +0200 schrieb Oleg Kalnichevski: > http://svn.apache.org/viewvc/httpcomponents/oac.hc3x/trunk/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java?revision=1422573=markup > > Oleg That confirms my statement, look at the imports, there

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Am Dienstag, dem 12.09.2023 um 18:08 +0200 schrieb Oleg Kalnichevski: > This statement is meaningless. All versions of HttpClient have their > own http classes. And all versions of HttpClient have always been > using > JSSE for its transport security and nothing else. If you are not > happy > with

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On Tue, 2023-09-12 at 17:36 +0200, Torsten Krah wrote: > > > > You do not. > > Looking at [1] the http classes (e.g. [2]) do not leverage the > java.net.http classes, so at least on that part I do remember right, > imho. >

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On Tue, 2023-09-12 at 18:00 +0200, Torsten Krah wrote: > Am Dienstag, dem 12.09.2023 um 17:54 +0200 schrieb Oleg Kalnichevski: > > Confirms how? HttpClient has always been using JSSE APIs and > > nothing > > else. Like it does now. > > I said the old HttpComponents had their own http classes 

How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Hi, how do I enable TLS 1.3 post-handshake authentication with HTTP 1.1 when using HttpComponents? At the moment all my requests are failing if a TLS 1.3 host requires mutual tls and the certificate is only required for some methods / uri's, where httpd will request that certificate via

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On 2023/09/12 14:35:08 Torsten Krah wrote: > Am Dienstag, dem 12.09.2023 um 14:21 + schrieb Michael Osipov: > > PHA is not implemented in SunJSSE. > > Yeah, I found https://bugs.openjdk.org/browse/JDK-8206923 - > unfortunately no progress on that ticket so far - but I hade hope that >

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On 2023/09/12 14:53:52 Torsten Krah wrote: > Am Dienstag, dem 12.09.2023 um 14:39 + schrieb Michael Osipov: > > How, did you expect us to write an custom JSSE provider? > > The old pre 4.x http components had their own http classes and did not > use the JSSE base ones - if I remember right -

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

> > You do not. Looking at [1] the http classes (e.g. [2]) do not leverage the java.net.http classes, so at least on that part I do remember right, imho. [1] http://svn.apache.org/viewvc/httpcomponents/oac.hc3x/trunk/src/java/org/apache/commons/httpclient/ [2]

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On Tue, 2023-09-12 at 17:51 +0200, Torsten Krah wrote: > Am Dienstag, dem 12.09.2023 um 17:42 +0200 schrieb Oleg Kalnichevski: > > http://svn.apache.org/viewvc/httpcomponents/oac.hc3x/trunk/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java?revision=1422573=markup > > >

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On 2023/09/12 13:54:49 Torsten Krah wrote: > Hi, > > how do I enable TLS 1.3 post-handshake authentication with HTTP 1.1 > when using HttpComponents? > > At the moment all my requests are failing if a TLS 1.3 host requires > mutual tls and the certificate is only required for some methods / >

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

Am Dienstag, dem 12.09.2023 um 14:21 + schrieb Michael Osipov: > PHA is not implemented in SunJSSE. Yeah, I found https://bugs.openjdk.org/browse/JDK-8206923 - unfortunately no progress on that ticket so far - but I hade hope that HttpComponents brought its own impl which I could opt-in to

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On Tue, 2023-09-12 at 15:06 +, Michael Osipov wrote: > On 2023/09/12 14:53:52 Torsten Krah wrote: > > Am Dienstag, dem 12.09.2023 um 14:39 + schrieb Michael Osipov: > > > How, did you expect us to write an custom JSSE provider? > > > > The old pre 4.x http components had their own http

Re: How to enable TLS 1.3 post-handshake authentication with HTTP 1.1

On 2023/09/12 16:29:04 Torsten Krah wrote: > Am Dienstag, dem 12.09.2023 um 18:08 +0200 schrieb Oleg Kalnichevski: > > This statement is meaningless. All versions of HttpClient have their > > own http classes. And all versions of HttpClient have always been > > using > > JSSE for its transport