Re: SNI not sent with Java 22+ using java.net.http.HttpClient.Builder#sslParameters
Nicolas Henneaux
nicolas at henneaux.io
Mon Nov 18 16:46:43 UTC 2024
Hi Daniel, Thanks for your answer! I know it is not supported hence I have built some years ago a library around HttpClient to do that. https://github.com/nhenneaux/resilient-httpclient I made a pull request with the fix I would need to be applied https://github.com/openjdk/jdk/pull/22211/files . I think it is a regression introduced in Java22 since configured SslParameters#ServerNames is now discarded in favour of the HTTP hostname which is not valid if the hostname is an IP. Best regards, Nicolas On Nov 18, 2024, at 5:40 PM, Daniel Fuchs <daniel.fuchs at oracle.com> wrote: Hi Nicolas, If I understand correctly, you would like to be able to select which IP address is used when connecting to a host that has several IP addresses. This functionality is currently not supported by the HttpClient. best regards, -- daniel On 18/11/2024 15:56, Nicolas Henneaux wrote: In the library, I force the IP in the HTTP request to enforce the target IP keeping the HTTP host header and SNI aligned with the actual value. The detected SNI is then empty, is it possible to support both detected and specified SNI?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/net-dev/attachments/20241118/b1a13827/attachment-0001.htm>
More information about the net-dev
mailing list