JDK-6586276 : SSLSockets and SSLEngines need a switch to enable hostname validation
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 6u2
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2007-07-27
  • Updated: 2010-09-29
  • Resolved: 2009-07-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7
7Resolved
Related Reports
Duplicate :  
Relates :  
Relates :  
Relates :  
Description
In order to be compliant with RFC 2459, applications should implement hostname checking on SSL connections.  The class HttpsURLConnection does this, for example.  However, if you are using the lower-level SSLSocket, SSLServerSocket and SSLEngine classes this functionality isn't available, even though it is implemented in the underlying libraries.  A mechanism should be provided to enable this existing code so that JSSE clients don't have to reinvent an existing wheel.

Suggestion: make this flag part of the SSLParameters class and implement RFE 6586274

Comments
PUBLIC COMMENTS 6586258 will address the issue with a extended trust manager.
13-07-2009