https should check CN of x509 cert
----------------------------------
Key: HTTPCLIENT-613
URL: http://issues.apache.org/jira/browse/HTTPCLIENT-613
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient
Affects Versions: Nightly Builds
Reporter: Julius Davies
Priority: Critical
https should check CN of x509 cert
Since we're essentially rolling our own "HttpsURLConnection", the checking
provided by "javax.net.ssl.HostnameVerifier" is no longer in place.
I have a patch I'm about to attach which caused both createSocket() methods on
o.a.h.conn.ssl.SSLSocketFactory to blowup:
test1: javax.net.ssl.SSLException: hostname in certificate didn't match:
<vancity.com> != <www.vancity.com>
test2: javax.net.ssl.SSLException: hostname in certificate didn't match:
<vancity.com> != <www.vancity.com>
Hopefully people agree that this is desirable.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
