clj-http
Server misconfiguration causes clj-http to throw "SSLProtocolException - unrecognized_name" even with {:insecure true}
clj-http v3.1.0 is facing this exception while clj-http v2.2.0 is not. Below is my code
(http/get "https://www.nationwidechildrens.org/Document/Get/82228" {:as :stream :insecure? true :throw-exceptions true})
Googling around brought me to http://stackoverflow.com/questions/24720013/apache-http-client-ssl-certificate-error. I believe it was implemented in the newest code of clj-http in https://github.com/dakrone/clj-http/blob/master/src/clj_http/conn_mgr.clj#L25
I looked into this; it turns out that the error we both receive is due to a misconfigured HTTP server, see:
- https://issues.apache.org/jira/browse/HTTPCLIENT-1522
- https://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0
The solution for this is to extend DefaultHttpClientConnectionOperator with a version that disables SNI when the server offers the wrong host as well as providing a custom SSLConnectionSocketFactory that will then pass an empty target host. For now I think this is a large amount of work for a small subset of misconfigured servers out there.
I'll mark this as "adopt me" if someone wants to work on it.
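
A narrower variant of the workaround described in the comment above, as an added example (not clj-http's code and not from either poster): instead of retrying through a custom connection operator, it never sends SNI on a dedicated connection manager, and it still checks the certificate against the real host name. It assumes Apache HttpClient 4.4 or later on the classpath; the namespace, the function names and the host in the `comment` form are hypothetical.

```clojure
(ns example.no-sni
  (:require [clj-http.client :as http])
  (:import (javax.net.ssl SSLContext SSLPeerUnverifiedException SSLSocket)
           (org.apache.http.config RegistryBuilder)
           (org.apache.http.conn.socket LayeredConnectionSocketFactory
                                        PlainConnectionSocketFactory)
           (org.apache.http.conn.ssl DefaultHostnameVerifier
                                     NoopHostnameVerifier
                                     SSLConnectionSocketFactory)
           (org.apache.http.impl.conn PoolingHttpClientConnectionManager)))

(defn no-sni-socket-factory
  "TLS socket factory that passes an empty target host (so no SNI is sent)
  but still verifies the certificate against the real host name."
  []
  (let [;; Noop verifier only because the inner factory would otherwise
        ;; compare the certificate with the empty host name we hand it.
        inner    (SSLConnectionSocketFactory. (SSLContext/getDefault)
                                              NoopHostnameVerifier/INSTANCE)
        verifier (DefaultHostnameVerifier.)]
    (reify LayeredConnectionSocketFactory
      (createSocket [_ ctx] (.createSocket inner ctx))
      (createLayeredSocket [_ sock target port ctx]
        (let [^SSLSocket ssl (.createLayeredSocket inner sock "" (int port) ctx)]
          ;; Hostname verification is done here, against the real target.
          (when-not (.verify verifier ^String target (.getSession ssl))
            (.close ssl)
            (throw (SSLPeerUnverifiedException.
                    (str "certificate does not match " target))))
          ssl))
      (connectSocket [this timeout sock host remote local ctx]
        (let [sock (or sock (.createSocket inner ctx))]
          (try
            (when local (.bind sock local))
            (.connect sock remote (int timeout))
            (.createLayeredSocket this sock (.getHostName host)
                                  (.getPort remote) ctx)
            (catch java.io.IOException e
              (.close sock)
              (throw e))))))))

(defn no-sni-connection-manager []
  (PoolingHttpClientConnectionManager.
   (-> (RegistryBuilder/create)
       (.register "http" (PlainConnectionSocketFactory/getSocketFactory))
       (.register "https" (no-sni-socket-factory))
       (.build))))

(comment ;; placeholder host; use this manager only for the affected server
  (http/get "https://misconfigured.example/"
            {:connection-manager (no-sni-connection-manager)}))
```

Because the server then presents its default certificate, a request can still fail hostname verification; that failure is the intended behaviour rather than a reason to fall back to `:insecure? true`.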