RFR: JDK-8260925: HttpsURLConnection does not work with other JSSE provider. [v2]

Daniel Fuchs dfuchs at openjdk.java.net
Wed Mar 3 10:08:40 UTC 2021


On Wed, 3 Mar 2021 04:27:15 GMT, Vyom Tewari <vtewari at openjdk.org> wrote:

>> HttpsURLConnection, works with SunJSSE provider but does not work with other JSSE provider. In case of SunJSSE , HttpsURLConnection set the host name as follows
>> 
>> s = (SSLSocket)serverSocket;
>>    if (s instanceof SSLSocketImpl) {
>>           ((SSLSocketImpl)s).setHost(host);
>>    } 
>> 
>> But in case of other providers(BouncyCastleProvider )  host will not get set and "java.security.cert.CertificateException: No subject alternative name found matching IP address" exception will be thrown.
>
> Vyom Tewari has updated the pull request incrementally with one additional commit since the last revision:
> 
>   used List.of instead of Collections.singletonList

src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line 454:

> 452:                     s = (SSLSocket)factory.createSocket(serverSocket,
> 453:                                                         host, port, true);
> 454:                 } else {

This line should not have been deleted - otherwise NPE will arise later on - e.g. at line 474. Has this change really been tested?

-------------

PR: https://git.openjdk.java.net/jdk/pull/2583


More information about the net-dev mailing list