6

I'd like to create an SSL/TLS connection using the Netty framework which will send a SNI header together during handshake. My current code looks like this:

SslContext creation:

    TrustManagerFactory trustManagerFactory = SimpleTrustManagerFactory.getInstance(
            SimpleTrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init((KeyStore)null);

    sslContext = SslContextBuilder
            .forClient()
            .sslProvider(SslProvider.JDK)
            // TODO p0: Ensure all the versions we support have this algorithm installed
            .trustManager(trustManagerFactory)
            .build();

Then during pipeline creation:

    pipeline.addLast(sslContext.newHandler(ch.alloc(), cloud.getHostName(), cloud.getPort()));

However the SNI header is NOT sent. What is missing to force Netty to provide SNI in the SSL Client Handshake?

Robert Estivill
  • 12,369
  • 8
  • 43
  • 64
georgeatkins
  • 83
  • 4

1 Answers1

0

I could set the SNI using sslContext.newHandler(allocator, SERVER_NAME, PORT), it works fine.

Yunnosch
  • 26,130
  • 9
  • 42
  • 54
baiyang
  • 1
  • 1
  • For asking a clarification question (if you need it answered before you can provide a solution)k, the commenting privilege is needed. See https://meta.stackexchange.com/questions/214173/why-do-i-need-50-reputation-to-comment-what-can-i-do-instead BUt there is an option for users who do not have that privilege yet: – Yunnosch Apr 07 '23 at 05:48
  • Please phrase this as an explained conditional answer, in order to avoid the impression of asking a clarification question instead of answering (for which a comment should be used instead of an answer, compare https://meta.stackexchange.com/questions/214173/why-do-i-need-50-reputation-to-comment-what-can-i-do-instead ). For example like "If your problem is ... then the solution is to .... because .... ." – Yunnosch Apr 07 '23 at 05:48
  • I think the part I left is something of an answer, but that might be my lack of knowledge. So if it is not and you cannot [edit] as described above please delete the post. – Yunnosch Apr 07 '23 at 05:49