Home >Java >javaTutorial >How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error in Java Web Services?

How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error in Java Web Services?

DDD
DDDOriginal
2024-11-07 17:21:02639browse

How to Fix the

Fixing the "java.security.cert.CertificateException: No subject alternative names present" Error

In Java web service clients consuming HTTPS services, the "java.security.cert.CertificateException: No subject alternative names present" error occurs when the certificate lacks subject alternative names. Here's a step-by-step solution:

To fix this issue:

  1. Retrieve the Certificate: Run "openssl s_client -showcerts -connect AAA.BBB.CCC.DDD:9443 > certs.txt" to obtain the certificate.
  2. Extract the Certificate: Copy the text between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" from certs.txt.
  3. Modify the Certificate: Replace the certificate name with "AAA.BBB.CCC.DDD" to match the IP address.
  4. Import the Certificate: Use "keytool -importcert -file fileWithModifiedCertificate" to import the modified certificate.

Alternatively, to use the host name instead of the certificate:

  1. Disable SSL Verification: Add the following code to your ISomeService class:
static {
    disableSslVerification();
}

private static void disableSslVerification() {
    // ... same code as above for disabling SSL verification ...
}
  1. Understand the "Use" Meaning: "Use" refers to using the host name as the server identity, even though the certificate contains a different name.

The above is the detailed content of How to Fix the 'java.security.cert.CertificateException: No subject alternative names present' Error in Java Web Services?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn