-
Bug
-
Resolution: Done
-
Major
-
None
-
None
When starting TLS over HTTP/1.1 the
"application_layer_protocol_negotiation (16)": {
[http/1.1]
}
ALPN extension must be present in SSL ClientHello handshake message.
When starting TLS over HTTP/1.1 with upgrade request to HTTP2 the
"application_layer_protocol_negotiation (16)": {
[h2, http/1.1]
}
ALPN extension must be present in SSL ClientHello handshake message.
In the past Undertow client was either sending no application_layer_protocol_negotiation ALPN extension when doing SSL over HTTP 1.1 or
was sending just h2 value in application_layer_protocol_negotiation ALPN extension when doing SSL over HTTP 1.1 with HTTP2 upgrade request.
This was causing SSL handshaking issues with servers / proxies that were configured to operate on HTTP 1.1 only because SSL protocol on client side
was complaining when server responded with "application_layer_protocol_negotiation (16)": {
[http/1.1]
}
on client handshake message that was containing just h2 value in application_layer_protocol_negotiation ALPN extension header.
- is cloned by
-
JBEAP-26774 (7.4.z) UNDERTOW-2347 - Undertow client must send either http/1.1 or both http/1.1 and h2 in SSL ClientHello handshake message
- Closed
-
JBEAP-26775 [GSS](8.0.z) UNDERTOW-2347 - Undertow client must send either http/1.1 or both http/1.1 and h2 in SSL ClientHello handshake message
- Closed
- is incorporated by
-
WFCORE-6794 CVE-2023-1973 Upgrade Undertow to 2.3.13.Final
- Resolved