[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wink-dev
Subject:    [jira] Commented: (WINK-242) Support SSL Hostname Verifier Bypass
From:       "Hudson (JIRA)" <jira () apache ! org>
Date:       2010-12-07 21:35:13
Message-ID: 6792653.36801291757713084.JavaMail.jira () thor
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/WINK-242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12969011#action_12969011 \
] 

Hudson commented on WINK-242:
-----------------------------

Integrated in Wink-Trunk-JDK1.5 #427 (See \
[https://hudson.apache.org/hudson/job/Wink-Trunk-JDK1.5/427/])  Fix support for SSL \
Hostname Verifier Bypass

See [WINK-242]

Thanks to David Johnson for the patch.


> Support SSL Hostname Verifier Bypass
> ------------------------------------
> 
> Key: WINK-242
> URL: https://issues.apache.org/jira/browse/WINK-242
> Project: Wink
> Issue Type: New Feature
> Affects Versions: 1.1
> Environment: Doesn't matter
> Reporter: Andrew Spyker
> Assignee: Mike Rheinheimer
> Priority: Minor
> Attachments: snoopdave-wink-242-fix.patch, WINK-242.patch
> 
> 
> It is incorrect, but common, for web sites to have SSL certs that are signed by \
> localhost with localhost as the CN/hostname, but then are deployed on real websites \
> like w3.internal.example.com.  If you try to connect to one of these with Wink you \
> get: Exception : java.io.IOException: HTTPS hostname wrong: should be <localhost>
> You'll see extensive discussion and how to fix at:
> http://forums.sun.com/thread.jspa?threadID=521779
> You'll also see commercial products supporting this behavior as well like:
> http://www-01.ibm.com/support/docview.wss?uid=swg1PK24500

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


[prev in list] [next in list] [prev in thread] [next in thread]