Uploaded image for project: 'MINA'
  1. MINA
  2. DIRMINA-1122

Add support for endpoint identification algorithm

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 2.0.22, 2.1.3
    • 2.1.7, 2.0.24, 2.2.2
    • Filter, SSL
    • None

    Description

      Support for endpoint identification algorithm was added in Java 1.7. Currently MINA supports providing single SNI name via org.apache.mina.filter.ssl.SslFilter#PEER_ADDRESS session attribute, but there is no way verifying it matches the certificate received.

      It would be nice if we could provide endpoint identification algorithm to SslFilter so certificate's common name or subject alternative names are verified.

      Attachments

        Issue Links

          is part of

          Bug - A problem which impairs or prevents the functions of the product. DIRMINA-1132 TLSv1.3 - MINA randomly fails in reading the message sent by client

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. DIRSTUDIO-1255 ApacheDS Does Not Send TLS HostSNI Extension Information in Requests

          • Major - Major loss of function.
          • Open

          Activity

            People

              johnnyv Jonathan Valliere
              the-thing Marcin L
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 3h 10m
                  3h 10m