Project

General

Profile

No SubjectAltName in self-signed Certificate

shir Hu
Added about 4 years ago

I switch to use jaxmpp-j2se source code, and debug it , found that

DefaultHostnameVerifier.java

function

verifyHostname(String hostname, X509Certificate x509Certificate)

here

x509Certificate.getSubjectAlternativeNames()

retrun null

then application occur error directly and didn't go on running follow code, then I add

if( x509Certificate.getSubjectAlternativeNames()!=null){...}

the code go on match hostname with X500Principal, All the things work well, So Is this a bug or somewhere I changed wrong?


Replies (3)

(1)
Avatar?id=6098&size=32x32

Added by Bartosz Małkowski TigaseTeam about 4 years ago

Please add this patch:

diff --git a/jaxmpp-j2se/src/main/java/tigase/jaxmpp/j2se/connectors/socket/DefaultHostnameVerifier.java b/jaxmpp-j2se/src/main/java/tigase/jaxmpp/j2se/connectors/socket/DefaultHostnameVerifier.java
index a124a77..5e0c19c 100644
--- a/jaxmpp-j2se/src/main/java/tigase/jaxmpp/j2se/connectors/socket/DefaultHostnameVerifier.java
+++ b/jaxmpp-j2se/src/main/java/tigase/jaxmpp/j2se/connectors/socket/DefaultHostnameVerifier.java
@@ -88,6 +88,8 @@ public class DefaultHostnameVerifier implements HostnameVerifier {
        protected boolean verifyHostname(String hostname, X509Certificate x509Certificate) throws CertificateParsingException {
                boolean altNamePresents = false;
                for (List<?> entry : x509Certificate.getSubjectAlternativeNames()) {
+                       if (entry == null)
+                               continue;
                        Integer altNameType = (Integer) entry.get(0);
                        if (altNameType != 2)
                                continue;

And tell me if it helps.

Added by shir Hu about 4 years ago

I add this you give me to source code:

if (entry == null)
    continue;

It doesn't work , because " x509Certificate.getSubjectAlternativeNames() " is null, this Exception occur in " for (List<?> entry : x509Certificate.getSubjectAlternativeNames())", So other solutions ?

(1)
Avatar?id=6098&size=32x32

Added by Bartosz Małkowski TigaseTeam almost 4 years ago

Fixed. Commited. Pushed.

Thank you.

    (1-3/3)