Use RFC2253 encoded cert subject

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1618566 13f79535-47bb-0310-9956-ffa450edef68
2014-08-18 09:26:19 +00:00 · 2014-08-18 09:26:19 +00:00 · 7c33892b02
parent 1894418915
commit 7c33892b02
1 changed files with 3 additions and 2 deletions
--- a/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java
+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java
@ -50,6 +50,7 @@ import javax.naming.ldap.Rdn;
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSession;
+import javax.security.auth.x500.X500Principal;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@ -106,8 +107,8 @@ public abstract class AbstractCommonHostnameVerifier implements HostnameVerifier

    public final void verify(
            final String host, final X509Certificate cert) throws SSLException {
-        final String subjectPrincipal = cert.getSubjectX500Principal().toString();
-        final String[] cns = extractCNs(subjectPrincipal);
+        final X500Principal subjectPrincipal = cert.getSubjectX500Principal();
+        final String[] cns = extractCNs(subjectPrincipal.getName(X500Principal.RFC2253));
        final String[] subjectAlts = extractSubjectAlts(cert, host);
        verify(host, cns, subjectAlts);
    }