Hi,
I am trying to connect to a server that fails the SNI check as it doesn’t have the correct name settings. I cannot change that as it isn’t my server. I am using the code below to try and bypass it.
The error I get is this
Javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
The weird thing is this code works fine in a plain Vaadin application but not in CUBA. Does anyone know why it would be failing in CUBA?
If I add this line of code then everything works fine in CUBA but I’d rater not have to have this global setting.
System.setProperty("jsse.enableSNIExtension", "false");
CODE:
private List<String> cloudLogin() {
try {
HttpsURLConnection connection = (HttpsURLConnection) new URL("https://???.com/core/loginguest?userid=xxx&password=xxx").openConnection();
connection.setRequestMethod("GET");
connection.setHostnameVerifier(new SSLSkipSNIHostnameVerifier());
Map<String, String> headers = new HashMap<>();
headers.put("content-type", "application/xml");
if (headers != null) {
for (String headerKey : headers.keySet()) {
connection.setRequestProperty(headerKey, headers.get(headerKey));
}
}
connection.setUseCaches(false);
connection.setDoInput(true);
connection.setDoOutput(true);
int responseCode = connection.getResponseCode();
return connection.getHeaderFields().get("Set-Cookie");
} catch (Exception e) {
throw new RuntimeException("Cannot create connection. " + e.getMessage(), e);
}
}
public class SSLSkipSNIHostnameVerifier implements HostnameVerifier {
/**
*
*/
public SSLSkipSNIHostnameVerifier() {
}
/*
* We always treat SNI issues as valid. This should only be used in valid and verified cases and not set as the default host name-verifier for all connections
* (non-Javadoc)
* @see javax.net.ssl.HostnameVerifier#verify(java.lang.String, javax.net.ssl.SSLSession)
*/
@Override
public boolean verify (String hostname, SSLSession session) {
// Return true so that we implicitly trust hostname mismatch
return true;
}
}