RFR: JDK-8260925: HttpsURLConnection does not work with other JSSE provider.

Xue-Lei Andrew Fan xuelei at openjdk.java.net
Tue Mar 2 20:20:47 UTC 2021


On Tue, 16 Feb 2021 07:50:05 GMT, Vyom Tewari <vtewari at openjdk.org> wrote:

> HttpsURLConnection, works with SunJSSE provider but does not work with other JSSE provider. In case of SunJSSE , HttpsURLConnection set the host name as follows
> 
> s = (SSLSocket)serverSocket;
>    if (s instanceof SSLSocketImpl) {
>           ((SSLSocketImpl)s).setHost(host);
>    } 
> 
> But in case of other providers(BouncyCastleProvider )  host will not get set and "java.security.cert.CertificateException: No subject alternative name found matching IP address" exception will be thrown.

src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line 569:

> 567:                     SSLParameters paramaters = s.getSSLParameters();
> 568:                     paramaters.setEndpointIdentificationAlgorithm("HTTPS");
> 569:                     paramaters.setServerNames(Collections.singletonList(new SNIHostName(host)));

List.of() is more preferred now.

Is the code in line 465 and 467 is duplicated now?

-------------

PR: https://git.openjdk.java.net/jdk/pull/2583


More information about the net-dev mailing list