On Tue, 2015-01-06 at 17:08 -0500, Dan Quaroni wrote: > This used to work in 4.3... I've tried setting other HostNameVerifiers > (which seem to be all deprecated now in 4.4) but that also hasn't helped. > The Default verifier is rejecting a cert with a wilcard in it: > > javax.net.ssl.SSLPeerUnverifiedException: Host name 'us8.api.mailchimp.com' > does not match the certificate subject provided by the peer (CN=*. > api.mailchimp.com, OU=Rocket Science Group, O=ROCKET SCIENCE GROUP, > L=Atlanta, ST=GA, C=US) > > >
I am not sure this issue is necessarily caused by wildcard in the subject's CN. Could you please upgrade to the latest snapshot from HttpClient trunk [1], execute the request with context logging on [2] and post the resultant log to this list? Oleg [1] https://github.com/apache/httpclient/tree/trunk [2] http://hc.apache.org/httpcomponents-client-4.3.x/logging.html --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
