{
	"id": "169838",
	"key": "AC-5213",
	"fields": {
		"issuetype": {
			"id": "1",
			"description": "A problem which impairs or prevents the functions of the product.",
			"name": "Bug",
			"subtask": false
		},
		"project": {
			"id": "12217",
			"key": "AC",
			"name": "Appcelerator - INBOX",
			"projectCategory": {
				"id": "10000",
				"description": "",
				"name": "Customer Service"
			}
		},
		"resolution": {
			"id": "3",
			"description": "The problem is a duplicate of an existing issue.",
			"name": "Duplicate"
		},
		"resolutiondate": "2017-09-20T15:22:25.000+0000",
		"created": "2017-09-20T05:04:35.000+0000",
		"labels": [],
		"versions": [],
		"issuelinks": [],
		"assignee": {
			"name": "shossain",
			"key": "shossain",
			"displayName": "Shak Hossain",
			"active": false,
			"timeZone": "America/Los_Angeles"
		},
		"updated": "2017-09-20T15:22:25.000+0000",
		"status": {
			"description": "A resolution has been taken, and it is awaiting verification by reporter. From here issues are either reopened, or are closed.",
			"name": "Resolved",
			"id": "5",
			"statusCategory": {
				"id": 3,
				"key": "done",
				"colorName": "green",
				"name": "Done"
			}
		},
		"components": [],
		"description": "As per the appcelerator document Modules.Https, when an invalid secure certificate is passed through the security manager an error \"Leaf certificate could not be verified with provided public key\" is reported. But this is working fine with the first request only\r\nWhen passing the valid secure certificate for the first URL request and an invalid certificate for the next URL request of the same domain the error isn't been logged. Or if we didn't apply the security manager for the first request and apply the valid security certificate to the next request of the same domain then also error isn't been logged.\r\n\r\nEX:\r\nvar url1 = \"http://www.appcelerator.com/\";\r\n    var securityManager = https.createX509CertificatePinningSecurityManager([\r\n    {\r\n        url: url1,\r\n        serverCertificate: \"appcelerator.com.der\",\r\n    }\r\n]);\r\n    var httpClient = Ti.Network.createHTTPClient({\r\n    onload: firstSuccess,\r\n    onerror: firstfailure,\r\n    timeout : 5000,\r\n    securityManager: securityManager,\r\n    validatesSecureCertificate : true,\r\n });\r\nhttpClient.open(\"GET\", url1); \r\nhttpClient.send();\r\n \r\nvar url2 = \"https://www.appcelerator.com/mobile-app-development-products/\";\r\n    var securityManager = https.createX509CertificatePinningSecurityManager([\r\n    {\r\n        url: url2,\r\n        serverCertificate: \"google.com.der\", // Should not work, because it's pinned to a different domain\r\n    }\r\n]);\r\n    var httpClient = Ti.Network.createHTTPClient({\r\n    onload: secondSuccess,\r\n    onerror: secondfailure,\r\n    timeout : 5000,\r\n    securityManager: securityManager,\r\n    validatesSecureCertificate : true,\r\n });\r\nhttpClient.open(\"GET\", url2); \r\nhttpClient.send();\r\n{code:java}\r\n// Some comments here\r\npublic String getFoo()\r\n{\r\n    return foo;\r\n}\r\n{code}\r\nNow in the above example for the second request error method should be called because we are passing google certificate to the security manager. But in the code it is directly calling success method with out reporting any errors.",
		"attachment": [],
		"flagged": false,
		"summary": "appcelerator.https - Invalid certificate accepted if valid certificate was accepted before only for iOS",
		"creator": {
			"name": "Manasa.chirumamilla",
			"key": "manasa.chirumamilla",
			"displayName": "Manasa Chirumamilla",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"subtasks": [],
		"reporter": {
			"name": "Manasa.chirumamilla",
			"key": "manasa.chirumamilla",
			"displayName": "Manasa Chirumamilla",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"environment": "Appcelerator studio: 4.8.2\r\nSDK: 5.5.0\r\nmacOS: 10.12.2\r\nappcelerator.https: 2.0.2",
		"comment": {
			"comments": [
				{
					"id": "428164",
					"author": {
						"name": "hknoechel",
						"key": "hansknoechel",
						"displayName": "Hans Knöchel",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"body": "Duplicate of MOD-2355.",
					"updateAuthor": {
						"name": "hknoechel",
						"key": "hansknoechel",
						"displayName": "Hans Knöchel",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"created": "2017-09-20T15:22:25.000+0000",
					"updated": "2017-09-20T15:22:25.000+0000"
				}
			],
			"maxResults": 1,
			"total": 1,
			"startAt": 0
		}
	}
}