[sword-devel] SSL mystery @ crosswire.org
tuomas.airaksinen at gmail.com
Thu Sep 17 09:33:34 EDT 2020
Related issue: https://github.com/AndBible/and-bible/issues/823
Could there be an explanation for this in (mis?)configuration of
On Thu, Sep 17, 2020 at 4:19 PM Tuomas Airaksinen <
tuomas.airaksinen at gmail.com> wrote:
> When I type
> host crosswire.org it gives me ip 184.108.40.206.
> When I fetch ssl cert for that ip (openssl s_client -connect
> 220.127.116.11:443), it gives cert with CN www.ancc-gan.de.
> This confuses And Bible on Android 5 (lollipop), as host name checking
> will fail to
> javax.net.ssl.SSLPeerUnverifiedException: Certificate for <crosswire.org>
> doesn't match any of the subject alternative names: [www.ancc-gan.de]
> In more recent Android versions it works properly.
> Now for Android 5 I have made exception such that host name verification
> is bypassed, but that's not neat nor secure.
> T: Tuomas
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the sword-devel