hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hennus Bergman (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1097) BrowserCompatHostnameVerifier should handle wildcards in SSL certificates better
Date Fri, 27 May 2011 20:02:47 GMT
BrowserCompatHostnameVerifier should handle wildcards in SSL certificates better

                 Key: HTTPCLIENT-1097
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1097
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.1.1
            Reporter: Hennus Bergman
            Priority: Minor

I ran into a problem with SSL wildcard certificates in the class BrowserCompatHostnameVerifier.
It handles "*.example.org" fine but "server*.example.org" fails to work correctly. The javadoc
claims that it should behave the same way as curl and FireFox. In Firefox an SSL certificate
for "server*.example.org" works fine for the host "server.example.org", using HttpClient it
throws an exception.

Here is an example test (JUnit4):

package org.example.hb;

import javax.net.ssl.SSLException;

import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.junit.Test;

public class BrowserCompatHostnameVerifierTest {

	 * Should not throw an exeption in the verify method.
	 * @throws SSLException
	public void testVerifyStringStringArrayStringArray() throws SSLException
		BrowserCompatHostnameVerifier hv = new BrowserCompatHostnameVerifier();
		String host = "www.example.org";
		String[] cns = {"www*.example.org"};
		hv.verify(host, cns, cns);


This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message