Details
-
Bug
-
Resolution: Fixed
-
Low
-
4.4.1, 4.5.3, 4.6.1
-
Severity 2 - Major
-
6
-
Description
Summary
A regression in Apache HTTPClient shipped with Crucible 4.4.1 causes a ClassCastException when attempting to authenticate against Crucible and the SSL certificate for the server contains ASN.1 encoded entries for the Subject Alternate Name.
Actual Results
The below exception is thrown in the fisheye log file:
Caused by: java.lang.ClassCastException: [B cannot be cast to java.lang.String at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309) [httpclient-4.5.3.jar:4.5.3] at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112) [httpclient-4.5.3.jar:4.5.3] at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99) [httpclient-4.5.3.jar:4.5.3] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463) [httpclient-4.5.3.jar:4.5.3] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397) [httpclient-4.5.3.jar:4.5.3] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) [httpclient-4.5.3.jar:4.5.3]
Workaround
- Regenerate the certificates so that it does not contain any ASN.1 DER encoded values.
Attachments
Issue Links
- is related to
-
-
- Closed
-