SNI not sent with Java 22+ using java.net.http.HttpClient.Builder#sslParameters
Jaikiran Pai
jai.forums2013 at gmail.com
Fri Dec 20 09:25:18 UTC 2024
I've now created https://bugs.openjdk.org/browse/JDK-8346705 to track this.
-Jaikiran
On 18/11/24 10:16 pm, Nicolas Henneaux wrote:
> Hi Daniel,
>
> Thanks for your answer!
>
> I know it is not supported hence I have built some years ago a library
> around HttpClient to do that.
> https://github.com/nhenneaux/resilient-httpclient
>
> I made a pull request with the fix I would need to be applied
> https://github.com/openjdk/jdk/pull/22211/files.
>
> I think it is a regression introduced in Java22 since configured
> SslParameters#ServerNames is now discarded in favour of the HTTP
> hostname which is not valid if the hostname is an IP.
>
> Best regards,
>
> Nicolas
>
>> On Nov 18, 2024, at 5:40 PM, Daniel Fuchs <daniel.fuchs at oracle.com>
>> wrote:
>>
>>
>> Hi Nicolas,
>>
>> If I understand correctly, you would like to be able to select which
>> IP address is used when connecting to a host that has several
>> IP addresses.
>>
>> This functionality is currently not supported by the HttpClient.
>>
>> best regards,
>>
>> -- daniel
>>
>> On 18/11/2024 15:56, Nicolas Henneaux wrote:
>>> In the library, I force the IP in the HTTP request to enforce the
>>> target
>>> IP keeping the HTTP host header and SNI aligned with the actual value.
>>> The detected SNI is then empty, is it possible to support both detected
>>> and specified SNI?
>
>
More information about the net-dev
mailing list