SNI not sent with Java 22+ using java.net.http.HttpClient.Builder#sslParameters
Jaikiran Pai
jai.forums2013 at gmail.com
Tue Nov 26 01:12:34 UTC 2024
Hello Nicolas,
On 25/11/24 9:57 pm, Nicolas Henneaux wrote:
> Hi Jaikiran,
>
> I still have not received your answer. Hopefully I got it from the
> mailing list archive but it is not really convenient.
Are you subscribed to the net-dev mailing list? Since my replies are
reaching net-dev archives, I am guessing others who have subscribed to
net-dev list are receiving my replies (I will check with someone I know).
-Jaikiran
>
> I am not trying to add the IP as SNI but to force the SNI value to a
> specific hostname while using the IP in the URL called by HttpClient.
> However, it is not working since Java 22 since the hostname from the
> URL is used as SNI if valid name and none if not (like it is for IP).
> I would expect the SNI provided through java.net
> <http://java.net>.http.HttpClient.Builder#sslParameters#ServerName to
> always be used, in addition to the hostname from the URL or only the
> configured values. The first alternative is implemented in this pull
> request https://github.com/openjdk/jdk/pull/22211/files.
>
> In the following code snippet, the SNI hostname myhostname.io is not
> sent during handshake while I expect it to be sent.
> SSLParameters sslParameters = new SSLParameters();
> sslParameters.setServerNames(List.of(new SNIHostName("myhostname.io")));
> HttpClient httpClient =
> HttpClient.newBuilder().sslParameters(sslParameters).build();
> HttpResponse<Void> httpResponse = httpClient.send(
> HttpRequest.newBuilder(URI.create("https://1.2.3.4")).build(),
> HttpResponse.BodyHandlers.discarding());
>
> Thank you for your help,
>
> Best regards,
>
> Nicolas Henneaux
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/net-dev/attachments/20241126/cedf3a87/attachment-0001.htm>
More information about the net-dev
mailing list