Mailing-List: contact dev-help@hc.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpComponents Project" <dev@hc.apache.org>
Date: Mon, 22 Aug 2011 20:52:29 +0000 (UTC)
From: "Weili Shao (JIRA)" <jira@apache.org>
To: dev@hc.apache.org
Message-ID: 
 <1175542243.2726.1314046349935.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: 
 <1172757344.2368.1314041069188.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (HTTPCLIENT-1118) SSLException on 4.1.2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13088998#comment-13088998 ] 

Weili Shao commented on HTTPCLIENT-1118:
----------------------------------------

It looks like the ec2 client that we are using is using a deprecated Scheme constructor, I will file a bug to them then. Thanks!

> SSLException on 4.1.2
> ---------------------
>
>                 Key: HTTPCLIENT-1118
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1118
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.1.2
>            Reporter: Weili Shao
>
> We have an application using HttpClient and Amazon web service, after we upgraded from 4.1.1 to 4.1.2, we get this error stack:
> Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <ec2.us-west-1.amazonaws.com/204.246.162.140> != <ec2.us-west-1.amazonaws.com> OR <ec2.us-west-1.amazonaws.com> OR <us-west-1.ec2.amazonaws.com>
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:228)
>         at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:149)
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:130)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:495)
>         at org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:62)
>         at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
>         at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
>         at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
>         at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
>         at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
>         at com.xerox.amazonws.common.AWSQueryConnection.makeRequest(Unknown Source)
>         at com.xerox.amazonws.ec2.Jec2.makeRequestInt(Jec2.java:2357)
> at com.xerox.amazonws.ec2.Jec2.makeRequestInt(Jec2.java:2367)
>         at com.xerox.amazonws.ec2.Jec2.describeInstances(Jec2.java:826)
>         at com.telenav.utility.monitoring.EC2MonitorService.getCurrentInstanceId(Unknown Source)
>         at com.telenav.spring.NodeAware.getNodeId(Unknown Source)
>         at com.telenav.spring.NodeAware.init(Unknown Source)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:597)
> However, after we rollback to 4.1.1, it becomes working again. I didn't spend too much time to understand what's going on. By reading the release notes, I didn't see anything has been changed for SSL. So I just file it to you guys to see if it's really an issue.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org