Home > Java > javaTutorial > How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error?

How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error?

Patricia Arquette
Release: 2024-11-19 01:31:02
Original
332 people have browsed it

How to Fix the

Fixing the "java.security.cert.CertificateException: No subject alternative names present" Error

When consuming web services via HTTPS using Java clients, you may encounter the "java.security.cert.CertificateException: No subject alternative names present" error. To resolve this issue, follow these steps carefully:

  1. Obtain the Server's Certificate: Run the command openssl s_client -showcerts -connect AAA.BBB.CCC.DDD:9443 > certs.txt to retrieve the server's certificate.
  2. Extract the Certificate Content: Locate the section of "certs.txt" between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- and save it in a separate file.
  3. Modify the Certificate (Optional): If necessary, update the certificate's name to match the IP address of the server (AAA.BBB.CCC.DDD). However, modifying the certificate is only recommended if you have control over the server.
  4. Import the Certificate: Use the keytool command to import the modified certificate into your keystore. For example: keytool -importcert -file fileWithModifiedCertificate -keystore mykeystore.
  5. Disable HTTPS Checks (Testing Purposes Only): If you're using the service for testing and do not require secure communication, you can temporarily disable HTTPS checks by adding code to the client class that bypasses certificate validation and hostname verification. This solution is not recommended for production use.

Alternatively, you can use the suggestion from the similar question, which states that if you do not control the server, you should use its host name instead. This is because the certificate may contain a CN (Common Name) that matches the host name.

Remember, these steps are intended to resolve the specific issue of missing subject alternative names in the server's certificate. Depending on your environment and the specific service you're consuming, there may be variations or additional configurations required.

The above is the detailed content of How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template