[
https://issues.apache.org/jira/browse/HTTPCLIENT-1410?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13784043#comment-13784043
]
Oleg Kalnichevski commented on HTTPCLIENT-1410:
-----------------------------------------------
Sidney,
You have now completely lost me. So, is the check not strict enough or it
should not be there at all? I honestly have no idea what to do here.
Oleg
> AbstractVerifier.acceptableCountryWildcard check not strict enough
> ------------------------------------------------------------------
>
> Key: HTTPCLIENT-1410
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1410
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.3 Final
> Reporter: Sidney Beekhoven
>
> I work at a company called info.nl in the Netherlands, so our domain is
> info.nl. We have a wildcard certificate in use for several services,
> *.info.nl.
> The AbstractVerifier has a method acceptableCountryWildcard which checks that
> you don't use eg *.co.uk as the wildcard in the certificate. The second to
> last domain part is checked against a fixed list, which includes info so our
> wildcard is not accepted.
> Apparantly there are some countries where info.<countrycode> is seen as a top
> level domain but that is not the case for the netherlands. So the check on
> this is not strict enough and should also take into account the top level
> domain.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
