-
Bug
-
Resolution: Not an Issue
-
P4
-
6
-
x86
-
linux
FULL PRODUCT VERSION :
java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
Java HotSpot(TM) Server VM (build 1.6.0_01-b06, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux mordi.ams-sys.com 2.6.20-1.2944.fc6 #1 SMP Tue Apr 10 18:46:45 EDT 2007 i686 i686 i386 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
URL https://mordi/eu/ - host name without domain part
System.out.println(httpConnection);
Certificate[] certificates = ((HttpsURLConnection)httpConnection).
getServerCertificates();
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Call by https some local server without host domain part in URL
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
-- Server Certificate --------------------------------------------------------
Signature Algorithm: MD5withRSA
Issued to: EMAILADDRESS=###@###.###, CN=mordi.ams-sys.com,
OU=S/W Development, O=AMS Advanced Maintenance Systems Ltd.,
L=Jerusalem, ST=N/A, C=IL
Issued by: EMAILADDRESS=###@###.###, CN=www.ams-sys.com,
OU=Certification Services Division,
O=AMS Advanced Maintenance Systems Ltd., L=Jerusalem, ST=N/A, C=IL
Valid from 28-May-2006 to 27-May-2008
ACTUAL -
Java 6 result:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No name matching mordi found
------------------------------------------
Exception in thread "main" java.lang.NullPointerException
at
sun.net.www.protocol.https.HttpsClient.getServerCertificates(HttpsClient.jav
a:526)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getServerCerti
ficates(AbstractDelegateHttpsURLConnection.java:242)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getServerCertificates(Http
sURLConnectionImpl.java:177)
at Bug.<init>(Bug.java:27)
at Bug.main(Bug.java:9)
Java 5 result:
java.io.IOException: HTTPS hostname wrong: should be <mordi>
ERROR MESSAGES/STACK TRACES THAT OCCUR :
See actual result
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
/*
* Bug.java
*
* Created on May 29, 2007, 1:50 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package webbugtestcases.classes_net.inc965406;
import java.net.*;
import java.io.*;
import javax.net.ssl.*;
import java.security.cert.*;
class Bug {
public static void main(String[] args) throws Exception {
new Bug();
}
Bug() throws Exception {
// IMPORTANT.
// mordi is server on LAN
// Certificate is issued for full name "mordi.ams-sys.com" but
// server name in URL is "mordi" without domain part.
// With domain part getInputStream works. In our code we use catch
// block to get server certificate and to extract
// right server name from it.
URL url = new URL("https://mordi/eu/");
HttpsURLConnection connection = (HttpsURLConnection)url.openConnection();
try {
connection.getInputStream();
} catch (Exception e) {
System.out.println(e);
System.out.println("------------------------------------------");
Certificate[] certificates = connection.getServerCertificates();
}
}
}
---------- END SOURCE ----------
java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
Java HotSpot(TM) Server VM (build 1.6.0_01-b06, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux mordi.ams-sys.com 2.6.20-1.2944.fc6 #1 SMP Tue Apr 10 18:46:45 EDT 2007 i686 i686 i386 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
URL https://mordi/eu/ - host name without domain part
System.out.println(httpConnection);
Certificate[] certificates = ((HttpsURLConnection)httpConnection).
getServerCertificates();
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Call by https some local server without host domain part in URL
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
-- Server Certificate --------------------------------------------------------
Signature Algorithm: MD5withRSA
Issued to: EMAILADDRESS=###@###.###, CN=mordi.ams-sys.com,
OU=S/W Development, O=AMS Advanced Maintenance Systems Ltd.,
L=Jerusalem, ST=N/A, C=IL
Issued by: EMAILADDRESS=###@###.###, CN=www.ams-sys.com,
OU=Certification Services Division,
O=AMS Advanced Maintenance Systems Ltd., L=Jerusalem, ST=N/A, C=IL
Valid from 28-May-2006 to 27-May-2008
ACTUAL -
Java 6 result:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No name matching mordi found
------------------------------------------
Exception in thread "main" java.lang.NullPointerException
at
sun.net.www.protocol.https.HttpsClient.getServerCertificates(HttpsClient.jav
a:526)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getServerCerti
ficates(AbstractDelegateHttpsURLConnection.java:242)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getServerCertificates(Http
sURLConnectionImpl.java:177)
at Bug.<init>(Bug.java:27)
at Bug.main(Bug.java:9)
Java 5 result:
java.io.IOException: HTTPS hostname wrong: should be <mordi>
ERROR MESSAGES/STACK TRACES THAT OCCUR :
See actual result
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
/*
* Bug.java
*
* Created on May 29, 2007, 1:50 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package webbugtestcases.classes_net.inc965406;
import java.net.*;
import java.io.*;
import javax.net.ssl.*;
import java.security.cert.*;
class Bug {
public static void main(String[] args) throws Exception {
new Bug();
}
Bug() throws Exception {
// IMPORTANT.
// mordi is server on LAN
// Certificate is issued for full name "mordi.ams-sys.com" but
// server name in URL is "mordi" without domain part.
// With domain part getInputStream works. In our code we use catch
// block to get server certificate and to extract
// right server name from it.
URL url = new URL("https://mordi/eu/");
HttpsURLConnection connection = (HttpsURLConnection)url.openConnection();
try {
connection.getInputStream();
} catch (Exception e) {
System.out.println(e);
System.out.println("------------------------------------------");
Certificate[] certificates = connection.getServerCertificates();
}
}
}
---------- END SOURCE ----------