SNI not sent with Java 22+ using java.net.http.HttpClient.Builder#sslParameters
Nicolas Henneaux
nicolas at henneaux.io
Mon Nov 18 15:25:56 UTC 2024
Hi all, I have built a small library to target several IP behind a given HTTPS endpoint based on java.net.http.HttpClient, https://github.com/nhenneaux/resilient-httpclient . It relies for some endpoints on SNI server name specified through method java.net.http.HttpClient.Builder#sslParameters#setServerNames. Since Java 22, it does not work properly for some endpoints, e.g. google.com. I have enabled debug ssl logs and I get the following log indicating the SNI is ignored. javax.net.ssl|WARNING|62|HttpClient-1-Worker-0|2024-11-18 15:51:49.496 CET|ServerNameExtension.java:265|Unable to indicate server name javax.net.ssl|DEBUG|62|HttpClient-1-Worker-0|2024-11-18 15:51:49.496 CET|SSLExtensions.java:272|Ignore, context unavailable extension: server_name I have a pull request showing the issue for some hosts https://github.com/nhenneaux/resilient-httpclient/pull/68/files . Is it something expected on Java 22+ or a bug was introduced? Thank you for your help, Best regards, Nicolas Henneaux
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/net-dev/attachments/20241118/be23b60a/attachment.htm>
More information about the net-dev
mailing list