hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Kocher (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1118) SSLException on 4.1.2
Date Tue, 01 Nov 2011 16:41:32 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13141303#comment-13141303
] 

David Kocher commented on HTTPCLIENT-1118:
------------------------------------------

I don't think this is caused by using deprecated constructors of the mentioned scheme registry
classes. Instead the diff between the tagged versions of SSLSocketFactory in SVN show that
for 4.1.2 the hostname verifier is passed the #toString() implementation minus the port of
Inetaddress of the socket. In 4.1.2 InetSocketAddress#getHostName() is called instead. The
code in trunk has again changed since.
                
> SSLException on 4.1.2
> ---------------------
>
>                 Key: HTTPCLIENT-1118
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1118
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.1.2
>            Reporter: Weili Shao
>
> We have an application using HttpClient and Amazon web service, after we upgraded from
4.1.1 to 4.1.2, we get this error stack:
> Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <ec2.us-west-1.amazonaws.com/204.246.162.140>
!= <ec2.us-west-1.amazonaws.com> OR <ec2.us-west-1.amazonaws.com> OR <us-west-1.ec2.amazonaws.com>
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:228)
>         at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:149)
>         at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:130)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:495)
>         at org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:62)
>         at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
>         at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
>         at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
>         at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
>         at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
>         at com.xerox.amazonws.common.AWSQueryConnection.makeRequest(Unknown Source)
>         at com.xerox.amazonws.ec2.Jec2.makeRequestInt(Jec2.java:2357)
> at com.xerox.amazonws.ec2.Jec2.makeRequestInt(Jec2.java:2367)
>         at com.xerox.amazonws.ec2.Jec2.describeInstances(Jec2.java:826)
>         at com.telenav.utility.monitoring.EC2MonitorService.getCurrentInstanceId(Unknown
Source)
>         at com.telenav.spring.NodeAware.getNodeId(Unknown Source)
>         at com.telenav.spring.NodeAware.init(Unknown Source)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:597)
> However, after we rollback to 4.1.1, it becomes working again. I didn't spend too much
time to understand what's going on. By reading the release notes, I didn't see anything has
been changed for SSL. So I just file it to you guys to see if it's really an issue.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message