CODEWITHSUNDEEP
javaspring-bootssljersey
Teddy Kossoko
Teddy Kossoko

Reputation: 1322

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching xxx.com found

I'm trying from my java application to reach an external api. I use jersey to make a call request

ClientConfig clientConfig = new ClientConfig();
        //Open Digest authentication
        
        clientConfig.register(JacksonFeature.class);
        //Create new rest client
        Client client = ClientBuilder.newClient( clientConfig );
        
        //Set the url
        WebTarget webTarget = client.target(rootUrl);
        Invocation.Builder invocationBuilder =  webTarget.request(javax.ws.rs.core.MediaType.APPLICATION_JSON);
        
        MultivaluedMap<String, Object> header = new MultivaluedHashMap<>();
        header.add("UserName", username);
        header.add("Password", password);
        
        invocationBuilder.headers(header);
        logger.info("Initialisation of cashout service successful");
        
        // create request
        Gson gson = new Gson();
        String transactionString = gson.toJson(request);
        
        
        
        try {
            // start the response
            Response response = invocationBuilder.put(Entity.entity(transactionString, javax.ws.rs.core.MediaType.APPLICATION_JSON));
            //We check if the response is ok
            if(response.getStatus() == 200) {
                logger.info("The paiement is done, we got 200 code return");
                responseData = response.readEntity(AirtimePaymentResponse.class);
                
                logger.info("the response data is {} ", responseData);
            }else {
                logger.info("error during the paiement");
                throw new GGException("Error during the paiement", HttpStatus.valueOf(response.getStatus()));
            }
        }catch (Exception e) {
            throw new GGException(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }

but we got No subject alternative DNS name matching xxx.com found.. I could i disable the ssl check in my code so i can run in insecure mode ?

I tried lot of solution without success.

Thanks

Upvotes: 1

Views: 11064

Answers (1)

Hakan54
Hakan54

Reputation: 3889

Your issue is related to a similar question answered here: Certificate for <localhost> doesn't match any of the subject alternative names

In the above link you can find the detailed explanation, but basically what it means is that you are calling a server however the hostname you are using in the request is not defined in the server certificate subject alternative names (SAN) field. So I would suggest to create a new certificate for the server with the additional SAN field. I would not recommend to disable the ssl checks as it will not be secure anymore.

Upvotes: 0

Related Questions