0

I have imported the self sign certificate from the server using keytool and all work well.

Problem is that it works only when the CN name is use "example.corp.org" for the https: url with JAX-WS client. I get an error if i try to use the server IP address:

Exception in thread "AWT-EventQueue-0"     com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

I understand why i am getting the error but for a varies reasons i need to use the server IP address to connect to it and not the CN name.

Anyone have any suggestions?

Thanks Alexis

Improve this question

2 Answers 2

Reset to default
1

You should add Subject Alternative Name to the certificate

subjectAltName=IP:serverIp
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

how could i do that? I am guessing this is done using keytool? if i am correct would there be a workaround that i can do within the java code?
I should have also said that i have no control over the self sign certificate i download from the server.
0

sort of resolve it... found the answer here: https://forums.oracle.com/forums/thread.jspa?messageID=6411944

HostnameVerifier myhostnameverifier = new HostnameVerifier() 
{
@Override
public boolean verify(String urlHostName, SSLSession session) 
{
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(myhostnameverifier);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.