You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Adam Lynam (JIRA)" <ji...@apache.org> on 2016/12/12 13:17:58 UTC
[jira] [Created] (NET-605) FTPSClient forces IP in
SubjectAlternativeNames field for server certificate validation instead of
hostname
Adam Lynam created NET-605:
------------------------------
Summary: FTPSClient forces IP in SubjectAlternativeNames field for server certificate validation instead of hostname
Key: NET-605
URL: https://issues.apache.org/jira/browse/NET-605
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 3.5
Reporter: Adam Lynam
We have an FTP Server with a signed certificate, with both CN and SAN DNS entries set to the respective hostname of the machine.
When attempting to connect using FTPSClient, we get java.security.cert.CertificateException: No subject alternative names matching IP address x.x.x.x found. The FTPSClient appears to resolve the IP address and pass that through the SSLSocket where it eventually raises the exception.
While we initially encountered the error against our internal FTP server, we have confirmed the same issue against a public FTP server. ftps://demo:password@test.rebex.net.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)