This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 11841 - Support for SNI (Server Name Indication)
Summary: Support for SNI (Server Name Indication)
Status: NEW
Alias: None
Product: CSSValidator
Classification: Unclassified
Component: Other (show other bugs)
Version: CSS Validator
Hardware: All All
: P2 enhancement
Target Milestone: ---
Assignee: This bug has no owner yet - up for the taking
QA Contact: qa-dev tracking
Depends on:
Reported: 2011-01-23 21:26 UTC by Luci Stanescu
Modified: 2014-05-09 01:07 UTC (History)
2 users (show)

See Also:


Description Luci Stanescu 2011-01-23 21:26:24 UTC
It seems the CSS Validator does not use SNI when making requests. Since this is becoming quite common in modern browsers, it may also become more common in installations. Not being able to validate pages which are served correctly only if using SNI can become quite annoying. The (X)HTML Validator doesn't support SNI either, but it accepts any certificate whatsoever (I'm not saying this is correct behaviour, but for a validation service it is not *that* bad), which is why I'm submitting this bug report only for the CSS Validator.

I've tested using Here is the error I am getting back:

I/O Error: PKIX path building failed: unable to find valid certification path to requested target 

I suppose this error is due to a wrong certificate being given by the server (I've checked my debug logs and the validator is not sending the hostname using SNI and therefore is getting a certificate signed by my own CA).
Luci Stanescu
Comment 1 Yves Lafon 2011-10-31 13:37:24 UTC
Modifications were done earlier to accept all certificates (including self-signed ones). However using SNI depends on the availability of libraries for that, or support in the JDK.