Add subject alt to JKS store and re-enable OkHttp SSL tests
Closes gh-35106
This commit is contained in:
parent
03c838dccc
commit
e356a483b6
|
@ -19,7 +19,6 @@ package org.springframework.boot.web.client;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
|
|
||||||
import okhttp3.OkHttpClient;
|
import okhttp3.OkHttpClient;
|
||||||
import org.junit.jupiter.api.Disabled;
|
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
|
import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
|
||||||
|
@ -67,9 +66,4 @@ class ClientHttpRequestFactoriesOkHttp3Tests
|
||||||
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
|
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
|
|
||||||
void connectWithSslBundle() throws Exception {
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,6 @@ package org.springframework.boot.web.client;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
|
|
||||||
import okhttp3.OkHttpClient;
|
import okhttp3.OkHttpClient;
|
||||||
import org.junit.jupiter.api.Disabled;
|
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
|
import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
|
||||||
|
@ -65,9 +64,4 @@ class ClientHttpRequestFactoriesOkHttp4Tests
|
||||||
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
|
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
|
|
||||||
void connectWithSslBundle() throws Exception {
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -458,7 +458,7 @@ public abstract class AbstractServletWebServerFactoryTests {
|
||||||
new ExampleServlet(true, false), "/hello");
|
new ExampleServlet(true, false), "/hello");
|
||||||
this.webServer = factory.getWebServer(registration);
|
this.webServer = factory.getWebServer(registration);
|
||||||
this.webServer.start();
|
this.webServer.start();
|
||||||
TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("3a3aaec8");
|
TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("6454C1DC");
|
||||||
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
|
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
|
||||||
PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
|
PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
|
||||||
.setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
|
.setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
|
||||||
|
@ -1628,7 +1628,7 @@ public abstract class AbstractServletWebServerFactoryTests {
|
||||||
@Override
|
@Override
|
||||||
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
|
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
|
||||||
String hexSerialNumber = chain[0].getSerialNumber().toString(16);
|
String hexSerialNumber = chain[0].getSerialNumber().toString(16);
|
||||||
boolean isMatch = hexSerialNumber.equals(this.serialNumber);
|
boolean isMatch = hexSerialNumber.equalsIgnoreCase(this.serialNumber);
|
||||||
return super.isTrusted(chain, authType) && isMatch;
|
return super.isTrusted(chain, authType) && isMatch;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Binary file not shown.
Loading…
Reference in New Issue