Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proxyman seems to not pick up on TLS SNI. No subject alternative DNS name matching stream.data.sandbox.alpaca.markets found in Java #2248

Open
robigan opened this issue Feb 7, 2025 · 2 comments
Open

Proxyman seems to not pick up on TLS SNI. No subject alternative DNS name matching stream.data.sandbox.alpaca.markets found in Java #2248

robigan opened this issue Feb 7, 2025 · 2 comments
Assignees
@NghiaTranUIT
Labels
bug Something isn't working

Comments

@robigan
Copy link

robigan commented Feb 7, 2025

Description

Trying to interface with the Alpaca markets API in Java for a project. Using org.java_websocket, I attempt to connect to the API with the Proxy setup in code, and I've gotten many errors so far, thus far I've had the infamous Sun path building error that's experienced here #569 (comment), and after some trial and error I manually used keytool to import Proxyman's CA certificate to Java. But now the error results in a Error: No subject alternative DNS name matching stream.data.sandbox.alpaca.markets found. being printed and the program exiting. In Proxyman, I see the failed attempts, but it seems to be unable to pick up on the TLS SNI, and I believe Proxyman is able to serve a certificate with the correct SAN.

Steps to Reproduce

  1. Bootstrap a Java program with org.java_websocket
  2. Use example https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/CustomHeaderClientExample.java and https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/ExampleClient.java as boilerplate and try to connect to stream.data.sandbox.alpaca.markets (No need to sign up and authenticate)
  3. Find that Java doesn't respect system proxies, so populate JVM cacert with Proxyman cert and setup proxy in code with https://github.com/TooTallNate/Java-WebSocket/wiki/Using-the-WebSocket-through-a-http-proxy
  4. Get the error Error: No subject alternative DNS name matching stream.data.sandbox.alpaca.markets found.

Current Behavior

It seems that Proxyman is unable to pick up on TLS SNI and isn't generating proper TLS certificate

Image

As seen in screenshot, I get https://IP-ADDRESS rather than https://DOMAIN, so I wonder if Proxyman is correctly picking up on TLS SNI

N.B.: I have tried using a Map Remote to get Proxyman to pickup on the correct Host, but this doesn't seem to work

Expected Behavior

For Java to work

Environment

  • App version: Proxyman 5.15.0
  • macOS version: macOS Sequoia 15.3
  • JVM Distribution & Version: Azul 21.0.6 (Installed at /Users/robigan/Library/Java/JavaVirtualMachines/azul-21.0.6/Contents/Home)
  • Gradle version: 8.8 (Using Java Azul 21.0.6)
@robigan robigan added the bug Something isn't working label Feb 7, 2025
@NghiaTranUIT NghiaTranUIT self-assigned this Feb 16, 2025
@NghiaTranUIT
Copy link
Member

@robigan if you don't mind, can you share with me a Git Repo for the Java sample code?

I'm not familiar with Java. Tried to add Java-Websocket but it can't compiled

@robigan
Copy link
Author

robigan commented Feb 19, 2025

@robigan if you don't mind, can you share with me a Git Repo for the Java sample code?

I'm not familiar with Java. Tried to add Java-Websocket but it can't compiled

Yes sure! Sorry been busy with school, will do this weekend.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NghiaTranUIT NghiaTranUIT

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NghiaTranUIT @robigan