Reputation: 173
Java SNI unrecognized name
I'm on Java 8 using Apache HttpClient (4.5.2) and I get this error:
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
I know that I could get around that using:
System.setProperty("jsse.enableSNIExtension", "false");
But if I do that other https sites can't be connected to anymore.
From these two sites I can only connect to one depending on whether I enable SNI or not but I have not found a setting that allows me to connect to both succesfully:
Can anyone reproduce that or has solved this?
Upvotes: 1
Views: 1749
Answers (1)
Reputation: 3174
This Exception is raised because the server is returning a certificate which doesn't match the FQDN you requested. Disabling SNI on client-side is not the adequate solution, instead you have to disable the Hostname Verification as explained in the HttpClient doc
SSLContext sslContext = SSLContexts.createSystemDefault();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslContext,
NoopHostnameVerifier.INSTANCE);
Upvotes: 1
Related Questions
- How to fetch HTTPS web resurce with HttpClient 4.5.2 & JDK 1.8 when server uses Server Name Indication (SNI) extension?
- java.lang.IllegalArgumentException: Duplicated server name of type 0
- Java HTTPS request: hostname in certificate doesn't match
- TLS extension "Server Name Indication" (SNI): value not available on server side
- Cannot find SNIServerName class
- java the host name doesn't match the certificate
- httpClientBuilder cannot be resolved in Java
- SSLProtocolException: handshake alert: unrecognized_name: client-side code workaround?
- Server Name Indication (SNI) on Java
- SSLHandshakeException: hostname in certificate didn't match