Details
-
Feature Request
-
Resolution: Done
-
Critical
-
2.3.0.Final
-
None
Description
Currently the UndertowXnioSsl, when acting like a client, uses the hostname of the URI to set the SNIHostName of the SSLParameters. For example here. This makes the SNI available when using a connection using hostname (https://localhost:8443/...) but impossible to set when using IP (https://127.0.0.1:8443/...).
This JIRA is to allow a new UndertowOption (for example SSL_SNI_HOSTNAME) that forces the SNI to the option value. That way using the IP but setting a SNIHostName would be possible. Something like the following:
final ClientConnection connection = client.connect(new URI("https://127.0.0.1:8443"), worker,
new UndertowXnioSsl(worker.getXnio(), OptionMap.EMPTY, DefaultServer.getClientSSLContext()),
DefaultServer.getBufferPool(),
OptionMap.create(UndertowOptions.SSL_SNI_HOSTNAME, "localhost")).get();
final ClientRequest request = new ClientRequest().setMethod(Methods.GET).setPath("/endpoint");
connection.sendRequest(request, ...);
Attachments
Issue Links
- is depended on by
-
WEJBHTTP-74 The http ejb client should use the servers hostname for the TLS SNI extension during handshake
-
- Closed
-
- relates to
-
WFCORE-6170 Update SNI tests to work with changes in Undertow.
-
- Closed
-
