Uploaded image for project: 'Crucible'
  1. Crucible
  2. CRUC-8060

HTTPClient throws ClassCastException when user(s) attempts to login

XMLWordPrintable

      Summary

      A regression in Apache HTTPClient shipped with Crucible 4.4.1 causes a ClassCastException when attempting to authenticate against Crucible and the SSL certificate for the server contains ASN.1 encoded entries for the Subject Alternate Name.

      Actual Results

      The below exception is thrown in the fisheye log file:

      Caused by: java.lang.ClassCastException: [B cannot be cast to java.lang.String
	at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309) [httpclient-4.5.3.jar:4.5.3]
	at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112) [httpclient-4.5.3.jar:4.5.3]
	at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99) [httpclient-4.5.3.jar:4.5.3]
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463) [httpclient-4.5.3.jar:4.5.3]
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397) [httpclient-4.5.3.jar:4.5.3]
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) [httpclient-4.5.3.jar:4.5.3]

      Workaround

      • Regenerate the certificates so that it does not contain any ASN.1 DER encoded values.

              dlaser dlaser (Inactive)
              mwilliams@atlassian.com Mark A.
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: