StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POSSLSocket ignores domain mismatch
text
Body
copied!<p>I am reading from SSL Socket but host doesn't match the certificate (eg. <code>host = "localhost"</code>). I would expect the exception but the following code happily talks to remote server without any problems.</p> <pre><code>try ( final Socket socket = SSLSocketFactory.getDefault().createSocket(host, port); final OutputStream os = socket.getOutputStream(); final InputStream is = socket.getInputStream()) { os.write(("HEAD / HTTP/1.1\r\nHost: " + host + "\r\nConnection: close\r\n\r\n").getBytes()); os.flush(); final byte[] bytes = new byte[1024]; int n; while ((n = is.read(bytes)) != -1) { System.out.print(new String(bytes, 0, n)); } System.out.println(); } catch (final IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } </code></pre> <p>Therefore I've tried another approach:</p> <pre><code>try { final HttpURLConnection conn = (HttpURLConnection) new URL("https://" + host + ":" + port + "/").openConnection(); try (InputStream is = conn.getInputStream()) { IOUtils.copy(is, System.out); } catch (final IOException e1) { try (InputStream es = conn.getErrorStream()) { if (es != null) { IOUtils.copy(es, System.out); } } } } catch (final IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } </code></pre> <p>Unfortunately I still get no SSL exception, just WARN in the logs: <code>2013-07-31 16:02:27,182 WARN nio - javax.net.ssl.SSLException: Received fatal alert: certificate_unknown</code></p> <p>How to get the SSL exception if certificate doesn't match?</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload