[RFR] 8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate"

Xue-Lei Fan xuelei.fan at oracle.com
Wed Jan 9 16:52:41 UTC 2019

The behavior looks similar to the underlying TLS implementation.  Looks 
good to me.


On 1/8/2019 9:03 AM, Rob McKenna wrote:
> Hi folks,
> I'd like to fix this test failure caused by 8160768.
> The problem is that the LdapDnsProviderResult sets the hostname to the
> empty String and gets passed to StartTlsResponseImpl.verify.
> Unfortunately StartTlsResponseImpl.verify only expects null values.
> Since null and the empty String are functionally equivalent I've added a
> check to StartTlsResponseImpl.verify to take the empty String into
> account.
> http://cr.openjdk.java.net/~robm/8214440/webrev.01/
> This was caught by an existing test which I managed to miss in my
> testing incantation.
>      -Rob

More information about the core-libs-dev mailing list