search

Home >Java >javaTutorial >Why Am I Getting an 'unrecognized_name' SSL Handshake Alert After Upgrading to Java 1.7?

Why Am I Getting an 'unrecognized_name' SSL Handshake Alert After Upgrading to Java 1.7?

DDD
DDDOriginal
2024-12-07 07:12:10760browse

Why Am I Getting an

SSL Handshake Alert: Unrecognized Name Issue after Upgrading to Java 1.7.0

Upon upgrading from Java 1.6 to 1.7, users may encounter an SSLHandshake alert with the error message "unrecognized_name" when establishing an SSL connection to a web server. This error is primarily due to Java 7's introduction of Server Name Indication (SNI) support, which becomes enabled by default.

To resolve this issue, there are several options available:

  • Disable SNI:

To disable SNI globally, the following command-line argument can be used when running the application:

-Djsse.enableSNIExtension=false

Alternatively, the property can be set programmatically before any SSL actions are performed:

System.setProperty("jsse.enableSNIExtension", "false");

However, disabling SNI may have implications for applications that require its functionality.

  • Handle Unrecognized Name Alerts:

Another approach involves handling the "unrecognized_name" alert more gracefully. The following steps can be taken:

// Create an SSLSocket with the desired hostname
SSLSocket sslsock = ...

// Attempt handshake
try {
    // This will block until the attempt succeeds or fails.
    sslsock.startHandshake();
} catch (SSLException e) {
    // Handle the exception here. If it contains the "unrecognized_name" message, disable SNI and retry.
}

// Disable SNI and retry handshake without hostname
if (e.getMessage().contains("unrecognized_name")) {
    sslsock = ... // Create an SSLSocket without specifying a hostname
    sslsock.startHandshake();
}
  • Allow Untrusted Certificates:

The code provided attempts to connect to a server with an untrusted certificate. To mitigate this, consider implementing custom trust management or using the built-in trust manager:

// Custom trust management (for untrusted certificates)
TrustManager[] trustAllCerts = ...

// Built-in trust manager
TrustManager[] trustManagers = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).getTrustManagers();

The above is the detailed content of Why Am I Getting an 'unrecognized_name' SSL Handshake Alert After Upgrading to Java 1.7?. For more information, please follow other related articles on the PHP Chinese website!

Java for require Error using Property default this alert ssl issue
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:How to Add External JAR Files to the Classpath in NetBeans?Next article:How to Add External JAR Files to the Classpath in NetBeans?

Related articles

See more