I need to make HTTP requests to a server located at domain1.example.com. The server has an SSL certificate which lists domain2.example.com as its main domain, whereas domain1.example.com is listed in the alt section of the certificate.
Here is the code:

```java
public Client feignClient() {
    SSLContext sslContext = getSSLContext(protocol, keyStoreType, keyStore, keyStorePassword, keyPassword, trustStore, trustStorePassword);
    SSLConnectionSocketFactory sslConnectionSocketFactory =
            SSLConnectionSocketFactoryBuilder.create().setSslContext(sslContext).build();
    HttpClientConnectionManager connectionManager =
            PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(sslConnectionSocketFactory).build();
    return new ApacheHttp5Client(HttpClients.custom().setConnectionManager(connectionManager).build());
}
```
and
```java
private SSLContext getSSLContext(
        String protocol,
        String keyStoreType,
        String keyStore,
        String keyStorePassword,
        String keyPassword,
        String trustStore,
        String trustStorePassword) {
    try {
        // Returning true marks every certificate chain as trusted,
        // so the trust store loaded below is never consulted.
        TrustStrategy acceptingTrustStrategy = (chain, authType) -> true;
        return SSLContexts.custom()
                .setProtocol(protocol)
                .setKeyStoreType(keyStoreType)
                // Client key material (client certificate and private key)
                .loadKeyMaterial(loadKeyStore(keyStore, keyStorePassword, KEY_STORE), keyPassword.toCharArray())
                .loadTrustMaterial(loadKeyStore(trustStore, trustStorePassword, TRUST_STORE), acceptingTrustStrategy)
                .build();
    } catch (IOException
            | UnrecoverableKeyException
            | CertificateException
            | NoSuchAlgorithmException
            | KeyStoreException
            | KeyManagementException e) {
        log.error("Error while building SSLContext for ApacheHttp5FeignSslClient", e);
        throw new ExceptionInInitializerError("Error while building SSLContext for ApacheHttp5FeignSslClient");
    }
}
```
The problem is that it automatically sets the domain2.example.com in the Domain Cookie, which is rejected by the server with the following error:

```
Illegal 'domain' attribute "domain2.example.com". Domain of origin: "domain1.example.com"
```

Is there a way to prevent the Feign client from setting the Domain Cookie?
It turns out that the wrong cookie is set by the server, which then rejects it. However, it only produces warnings in the log without actually messing with the request.
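
An added example, not part of the original post: one way to build the same Feign client so that `Set-Cookie` headers are never processed (which removes the warning) and the trust store, rather than an accept-all `TrustStrategy`, decides whether the server certificate is trusted. The class name `CookielessFeignClientFactory` and the `build` signature are hypothetical; it assumes the key store and trust store are already loaded and that the API does not need cookies.

```java
import feign.Client;
import feign.hc5.ApacheHttp5Client;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.io.HttpClientConnectionManager;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
import org.apache.hc.core5.ssl.SSLContexts;

// Hypothetical helper class; the names are assumptions, not code from the post.
public final class CookielessFeignClientFactory {

    private CookielessFeignClientFactory() {
    }

    public static Client build(String protocol, KeyStore keyStore, char[] keyPassword,
                               KeyStore trustStore) throws GeneralSecurityException {
        SSLContext sslContext = SSLContexts.custom()
                .setProtocol(protocol)
                .loadKeyMaterial(keyStore, keyPassword)
                // A null TrustStrategy leaves the decision to the trust store:
                // only chains that validate against it are accepted.
                .loadTrustMaterial(trustStore, null)
                .build();

        // No custom hostname verifier is set, so the builder's default applies.
        // It matches the requested host against the certificate's subject
        // alternative names, so a certificate that lists domain1.example.com
        // there is valid for requests to domain1.example.com.
        SSLConnectionSocketFactory socketFactory = SSLConnectionSocketFactoryBuilder.create()
                .setSslContext(sslContext)
                .build();

        HttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
                .setSSLSocketFactory(socketFactory)
                .build();

        return new ApacheHttp5Client(HttpClients.custom()
                .setConnectionManager(connectionManager)
                // Skip cookie handling entirely: Set-Cookie headers are not parsed,
                // so the mismatched Domain attribute is never evaluated or logged.
                .disableCookieManagement()
                .build());
    }
}
```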