
SSLException when server cert uses SAN (Subject Alternative Name)

I'm trying to establish an https connection using the classes in org.apache.http.*. As part of my setup, I'm using the BrowserCompatHostnameVerifier class, which states:

The hostname must match either the first CN, or any of the subject-alts. A wildcard can occur in the CN, and in any of the subject-alts.

When I hit a server whose hostname doesn't match that which is specified in the CN but does match one of the entries in the subject-alts, I get the following exception:

javax.net.ssl.SSLException: hostname in certificate didn't match: <mtvniph1-f.akamaihd.net> != <a248.e.akamai.net>
     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:222)
     at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:151)
     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:132)
     at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:321)

Here's the relevant code block that's causing this error:

import android.util.Log;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;

// A throwaway client whose params are reused for the custom connection manager
DefaultHttpClient seed = new DefaultHttpClient();
SchemeRegistry registry = new SchemeRegistry();

// Default socket factory: system trust store, with the hostname verifier swapped below
SSLSocketFactory ssf = SSLSocketFactory.getSocketFactory();

// XXX: This verifier isn't working with Subject Alternative Names
ssf.setHostnameVerifier(new BrowserCompatHostnameVerifier());

// Only https is registered; the seed client's other schemes are not copied over
registry.register(new Scheme("https", ssf, 443));

SingleClientConnManager mgr = new SingleClientConnManager(seed.getParams(), registry);
DefaultHttpClient http = new DefaultHttpClient(mgr, seed.getParams());

// Config point, change to your preference
String url = "https://mtvniph1-f.akamaihd.net/e3_ubisoft_prod0.m3u8";

HttpGet method = new HttpGet(url);

HttpResponse response = null;
try
{
    response = http.execute(method);
}
catch (Exception e)
{
    // TAG is the class's Android log tag; the SSLException above surfaces here
    Log.e(TAG, "Request failed", e);
}

Compare this behavior with that when you replace the URL with "https://www.google.com". I can work around this by creating my own X509HostnameVerifier, but I want to know if this is a valid bug in BrowserCompatHostnameVerifier or if I'm doing something wrong.

Anyone else having similar issues?


According to trunk AbstractVerifier.java, it isn't picking up your subjectAltName (it lists all the names it finds in the exception). openssl s_client -connect mtvniph1-f.akamaihd.net:443 -showcerts suggests it's not a problem with the certificate.

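An added example, not code from the question or the answer above: the workaround the question mentions, written out as an X509HostnameVerifier for HttpClient 4.x (the 4.0 to 4.3 interface that SSLSocketFactory.setHostnameVerifier accepts) that reads the subjectAltName entries itself through the JDK certificate API, so a match on a SAN is accepted even where the library's own extraction comes up empty. The class name is hypothetical, and the SAN list in main() is constructed for illustration; the only name taken from the thread is the CN printed in the exception. The matching rule deliberately follows RFC 6125 rather than the quoted BrowserCompat rule: SANs take precedence over the CN whenever any are present, and a wildcard covers exactly one label.

```java
import java.io.IOException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.security.auth.x500.X500Principal;
import org.apache.http.conn.ssl.X509HostnameVerifier;

// Hypothetical verifier (not part of HttpClient): reads subjectAltName through
// the JDK certificate API instead of relying on the library's own parser.
public final class SanAwareHostnameVerifier implements X509HostnameVerifier {
    // javax.net.ssl.HostnameVerifier entry point (HttpsURLConnection callers)
    public boolean verify(String host, SSLSession session) {
        try {
            verify(host, (X509Certificate) session.getPeerCertificates()[0]);
            return true;
        } catch (SSLException e) {
            return false;
        }
    }

    // Entry point SSLSocketFactory.connectSocket uses after the handshake
    public void verify(String host, SSLSocket ssl) throws IOException {
        verify(host, (X509Certificate) ssl.getSession().getPeerCertificates()[0]);
    }

    public void verify(String host, X509Certificate cert) throws SSLException {
        verify(host, extractCns(cert), extractSans(cert));
    }

    public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException {
        if (!matches(host, cns, subjectAlts)) {
            throw new SSLException("hostname in certificate didn't match: <" + host
                    + "> != CN" + Arrays.toString(cns) + " SAN" + Arrays.toString(subjectAlts));
        }
    }

    // Every CN of the subject DN; the RFC 2253 string is split on unescaped commas
    static String[] extractCns(X509Certificate cert) {
        List<String> cns = new ArrayList<String>();
        String dn = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
        for (String rdn : dn.split("(?<!\\\\),")) {
            if (rdn.regionMatches(true, 0, "CN=", 0, 3)) cns.add(rdn.substring(3).replace("\\,", ","));
        }
        return cns.toArray(new String[cns.size()]);
    }

    // dNSName (GeneralName type 2) and iPAddress (type 7) entries of subjectAltName
    static String[] extractSans(X509Certificate cert) throws SSLException {
        Collection<List<?>> sans;
        try {
            sans = cert.getSubjectAlternativeNames();
        } catch (CertificateParsingException e) {
            throw new SSLException("cannot parse subjectAltName", e);
        }
        List<String> names = new ArrayList<String>();
        if (sans != null) {
            for (List<?> san : sans) {
                int type = ((Integer) san.get(0)).intValue();
                if (type == 2 || type == 7) names.add((String) san.get(1));
            }
        }
        return names.toArray(new String[names.size()]);
    }

    // With any SAN present only the SANs count (RFC 6125, current browsers); the CN is a
    // fallback for SAN-less certs. The post's "first CN or any SAN" is the older, laxer rule.
    static boolean matches(String host, String[] cns, String[] subjectAlts) {
        String h = host.toLowerCase(Locale.ROOT);
        boolean ip = h.indexOf(':') >= 0 || h.matches("\\d{1,3}(\\.\\d{1,3}){3}");
        boolean hasSan = subjectAlts != null && subjectAlts.length > 0;
        String[] pool = hasSan ? subjectAlts
                : (cns != null && cns.length > 0 ? new String[] { cns[0] } : new String[0]);
        for (String c : pool) {
            String cand = c.toLowerCase(Locale.ROOT);
            if (cand.equals(h)) return true;            // exact, case-insensitive
            if (ip || !cand.startsWith("*.")) continue; // wildcards never match IP literals
            // '*' covers exactly one label (BrowserCompat lets *.foo.com match a.b.foo.com)
            // and the suffix must keep two labels, so "*.com" is refused.
            String suffix = cand.substring(1);
            int dot = h.indexOf('.');
            if (dot > 0 && h.substring(dot).equals(suffix) && suffix.indexOf('.', 1) > 0) return true;
        }
        return false;
    }

    // Constructed self-check: the CN is the one the exception printed; the SAN list
    // is assumed for illustration and was not read from the real certificate.
    public static void main(String[] args) {
        String[] cns = { "a248.e.akamai.net" };
        String[] sans = { "a248.e.akamai.net", "*.akamaihd.net" };
        System.out.println(matches("mtvniph1-f.akamaihd.net", cns, sans));
        System.out.println(matches("mtvniph1-f.akamaihd.net", cns, new String[0]));
    }
}
```

Plug it in with ssf.setHostnameVerifier(new SanAwareHostnameVerifier()); in place of the BrowserCompatHostnameVerifier line. The second call in main() reproduces the symptom from the question: with an empty SAN list the CN alone is consulted and the akamaihd.net host is rejected, which is exactly what the exception shows, so the first thing to confirm is what the server really sends. The openssl command in the answer shows that; adding -servername mtvniph1-f.akamaihd.net makes the server pick the certificate for that SNI name, and piping the output into openssl x509 -noout -text prints the X509v3 Subject Alternative Name block so you can compare it against the names the exception lists.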