Code Review 6943219: test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java fail in linux
Xuelei.Fan at Sun.COM
Thu Apr 15 03:53:35 PDT 2010
Looks fine to me.
On 4/15/2010 5:05 PM, Chris Hegarty wrote:
> Hi Andrew,
> These tests have canned certs with 'localhost' as a subject alternative
> name in the client certificate. This fails client authentication on the
> accepted server socket if the platform returns anything other than
> 'localhost' for the remote address. This can happen on Linux which
> typically has an entry localhost.localdomain in the /etc/hosts file.
> The fix is to disable client hostname checking on the server side, since
> these tests were added specifically to verify the hostname checking on
> the client side. Note, this does not indicate a bug in the client
> hostname checking on the server side, just that the canned certs in this
> particular test does not fully support it.
More information about the security-dev