On Tue, 16 Feb 2021 07:50:05 GMT, Vyom Tewari <[email protected]> wrote:
> HttpsURLConnection, works with SunJSSE provider but does not work with other
> JSSE provider. In case of SunJSSE , HttpsURLConnection set the host name as
> follows
>
> s = (SSLSocket)serverSocket;
> if (s instanceof SSLSocketImpl) {
> ((SSLSocketImpl)s).setHost(host);
> }
>
> But in case of other providers(BouncyCastleProvider ) host will not get set
> and "java.security.cert.CertificateException: No subject alternative name
> found matching IP address" exception will be thrown.
src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line
569:
> 567: SSLParameters paramaters = s.getSSLParameters();
> 568:
> paramaters.setEndpointIdentificationAlgorithm("HTTPS");
> 569:
> paramaters.setServerNames(Collections.singletonList(new SNIHostName(host)));
What if the SSL Layer has already an SNIHostName configured? Is there a risk
that this will introduce regressions in such cases?
-------------
PR: https://git.openjdk.java.net/jdk/pull/2583
