• Register
0 votes
58 views

Problem :

I have the Java web service client, which consumes the web service via HTTPS.

When I try to connect to the service URL (https://AAA.BBB.CCC.DDD:9443/ISomeService ), I get the exception as below:

“ Java.security.cert.CertificateException: No subject alternative names present.”

7 5 2
3,870 points

Please log in or register to answer this question.

1 Answer

0 votes

Solution :

I had faced the same problem and solved with below code. I put this code before my first call to the webservices.

javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier(){

    public boolean verify(String hostname,
            javax.net.ssl.SSLSession sslSession) {
        return hostname.equals("localhost");
    }
});

It is very simple and it works fine for me.

OR

The verification of a certificate identity is performed against what a client requests.

When your client uses the https://xxx.xxx.xxx.xxx/something (where xxx.xxx.xxx.xxx is an IP address), a certificate identity is checked against your IP address (in theory, only using the IP SAN extension).

If the certificate has no IP SAN, but DNS SANs (or if no DNS SAN, the Common Name in a Subject DN), you can get this to work by just making your client use the URL with that host name instead (or the host name for which a cert would be valid, if there are multiple possible values). For example, if you cert has the name for www.example.com, use the https://www.example.com/something.

Of course, you will need that the host name to resolve to that of the IP address.

9 7 4
38,600 points

Related questions

0 votes
1 answer 165 views
165 views
Problem : I have a Java web service client, which consumes a web service via HTTPS. When I connect to the service URL, I get the exception java.security.cert.CertificateException: No subject alternative names present.
asked Oct 22, 2019 peterlaw 6.9k points
0 votes
1 answer 13 views
0 votes
1 answer 21 views
21 views
Problem: java.security.cert.certpathvalidatorexception: trust anchor for certification path not found.
asked Feb 19 Lucky Guy 1.5k points
0 votes
2 answers 347 views
347 views
Problem : I am trying to consume a RESTful service from url https://someurl.com. But I am getting the following error: java security cert certpathvalidatorexception certificate chaining error
asked Oct 23, 2019 peterlaw 6.9k points
0 votes
1 answer 1 view
1 view
Problem: In my Action, I am trying to send some data to the bank server but without any luck, because I have as a result from the server the following error: error: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
asked Mar 30 ummesalma 25.2k points
0 votes
2 answers 303 views
303 views
Problem : I am getting bellow error while using keytool keytool error: java.lang.exception: public keys in reply and keystore don't match
asked Oct 19, 2019 peterlaw 6.9k points
0 votes
1 answer 193 views
193 views
Problem : I can push by clone project using ssh but it is not working for me getting following error server certificate verification failed. cafile: /etc/ssl/certs/ca-certificates.crt crlfile: none
asked Nov 12, 2019 peterlaw 6.9k points
0 votes
1 answer 624 views
624 views
Problem : I have a java complied package and it is sopposed to communicate with https server on net. But when i try running the compilation gives the following exception: javax.net.ssl.sslexception: unrecognized ssl message, plaintext connection?
asked Oct 23, 2019 peterlaw 6.9k points
0 votes
1 answer 2 views
2 views
Problem: I was looking at few sites and their SSL certificate and I noticed that few SSL certificates shows Issuer[Issued by] as mydomain[myorganisation] Is this some type of certificate, Can someone explain this !
asked 3 days ago ummesalma 25.2k points