Troubleshooting "java.security.cert.CertificateException: No Subject Alternative Names Present" Error in Java
When connecting to an HTTPS web service using a Java client, encountering the exception "java.security.cert.CertificateException: No subject alternative names present" can be frustrating. Here's how to address this issue:
Verifying Certificate Information
To obtain the server's certificate details, use the command "openssl s_client -showcerts -connect AAA.BBB.CCC.DDD:9443 > certs.txt." The resulting file "certs.txt" contains:
Alternative Solution
Regarding Step 1 of the Proposed Solution:
Regarding Step 2 of the Proposed Solution:
Recommended Approach
Consider the following alternatives:
// In the ISomeService class: static { disableSslVerification(); } private static void disableSslVerification() { // ... [Code to disable HTTPS checks as described in the provided answer] }
// In the ISomeService class: HostnameVerifier customVerifier = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { // Perform custom hostname verification, such as accepting the IP address (AAA.BBB.CCC.DDD). return true; } }; HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection(); httpsConn.setHostnameVerifier(customVerifier);
Caution: Disabling HTTPS checks or implementing a custom hostname verifier can compromise security. Use these approaches only for testing or in controlled environments.
The above is the detailed content of How to Fix the 'java.security.cert.CertificateException: No Subject Alternative Names Present' Error in Java?. For more information, please follow other related articles on the PHP Chinese website!