javax.net.ssl.SSLException: Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME]

Atlassian JIRA | Mirek Hankus | 1 year ago
tip
Your exception is missing from the Samebug knowledge base.
Here are the best solutions we found on the Internet.
Click on the to mark the helpful solution and get rewards for you help.
  1. 0

    Support for SNI in jira was implemented in JRA-24515, but after upgrade to JIRA 7.0.2 my logs are full of stacktraces like below. No user impact so far, but a lot of junk in log files makes it hard to track other problems with 7.0.2 {code} javax.net.ssl.SSLException: Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME] at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:164) at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:61) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:140) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:114) at org.apache.http.conn.ssl.SSLSocketFactory.verifyHostname(SSLSocketFactory.java:569) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:544) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) at com.atlassian.gadgets.renderer.internal.http.HttpClientFetcher.fetch(HttpClientFetcher.java:95) at org.apache.shindig.gadgets.DefaultGadgetSpecFactory.fetchObjectAndCache(DefaultGadgetSpecFactory.java:125) at org.apache.shindig.gadgets.DefaultGadgetSpecFactory.getGadgetSpec(DefaultGadgetSpecFactory.java:90) at com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:71) at com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:53) at com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:141) at com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:81) ... 2 filtered at java.lang.reflect.Method.invoke(Method.java:497) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207) at com.sun.proxy.$Proxy1663.getGadgetSpec(Unknown Source) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.createSpecificationBasedGadget(GadgetFactoryImpl.java:142) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.access$000(GadgetFactoryImpl.java:41) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl$1.visit(GadgetFactoryImpl.java:79) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl$1.visit(GadgetFactoryImpl.java:75) at com.atlassian.gadgets.GadgetState.accept(GadgetState.java:145) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.createDashboardItem(GadgetFactoryImpl.java:74) at com.atlassian.gadgets.dashboard.internal.impl.StateConverterImpl.convertStateToGadget(StateConverterImpl.java:32) at com.atlassian.gadgets.dashboard.internal.impl.DashboardImpl$DashboardItemStateConverter.apply(DashboardImpl.java:232) at com.atlassian.gadgets.dashboard.internal.impl.DashboardImpl$DashboardItemStateConverter.apply(DashboardImpl.java:228) at com.google.common.collect.Iterators$8.transform(Iterators.java:799) at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48) at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:651) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:650) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) {code} h3. Notes The SSLPoke tool (used as described [here|https://confluence.atlassian.com/kb/unable-to-connect-to-ssl-services-due-to-pkix-path-building-failed-779355358.html]) may not indicate a problem with SSL certificates, when alternative address are being used with SNI. Using this tool - https://bitbucket.org/atlassianlabs/httpclienttest/overview together with the SSL poke tool is a good way to determine if you're affected by this bug.

    Atlassian JIRA | 1 year ago | Mirek Hankus
    javax.net.ssl.SSLException: Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME]
  2. 0

    Support for SNI in jira was implemented in JRA-24515, but after upgrade to JIRA 7.0.2 my logs are full of stacktraces like below. No user impact so far, but a lot of junk in log files makes it hard to track other problems with 7.0.2 {code} javax.net.ssl.SSLException: Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME] at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:164) at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:61) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:140) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:114) at org.apache.http.conn.ssl.SSLSocketFactory.verifyHostname(SSLSocketFactory.java:569) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:544) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) at com.atlassian.gadgets.renderer.internal.http.HttpClientFetcher.fetch(HttpClientFetcher.java:95) at org.apache.shindig.gadgets.DefaultGadgetSpecFactory.fetchObjectAndCache(DefaultGadgetSpecFactory.java:125) at org.apache.shindig.gadgets.DefaultGadgetSpecFactory.getGadgetSpec(DefaultGadgetSpecFactory.java:90) at com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:71) at com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:53) at com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:141) at com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:81) ... 2 filtered at java.lang.reflect.Method.invoke(Method.java:497) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207) at com.sun.proxy.$Proxy1663.getGadgetSpec(Unknown Source) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.createSpecificationBasedGadget(GadgetFactoryImpl.java:142) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.access$000(GadgetFactoryImpl.java:41) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl$1.visit(GadgetFactoryImpl.java:79) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl$1.visit(GadgetFactoryImpl.java:75) at com.atlassian.gadgets.GadgetState.accept(GadgetState.java:145) at com.atlassian.gadgets.dashboard.internal.impl.GadgetFactoryImpl.createDashboardItem(GadgetFactoryImpl.java:74) at com.atlassian.gadgets.dashboard.internal.impl.StateConverterImpl.convertStateToGadget(StateConverterImpl.java:32) at com.atlassian.gadgets.dashboard.internal.impl.DashboardImpl$DashboardItemStateConverter.apply(DashboardImpl.java:232) at com.atlassian.gadgets.dashboard.internal.impl.DashboardImpl$DashboardItemStateConverter.apply(DashboardImpl.java:228) at com.google.common.collect.Iterators$8.transform(Iterators.java:799) at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48) at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:651) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:650) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) {code} h3. Notes The SSLPoke tool (used as described [here|https://confluence.atlassian.com/kb/unable-to-connect-to-ssl-services-due-to-pkix-path-building-failed-779355358.html]) may not indicate a problem with SSL certificates, when alternative address are being used with SNI. Using this tool - https://bitbucket.org/atlassianlabs/httpclienttest/overview together with the SSL poke tool is a good way to determine if you're affected by this bug.

    Atlassian JIRA | 1 year ago | Mirek Hankus
    javax.net.ssl.SSLException: Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME]
  3. 0

    HTTPS support with keystore

    GitHub | 3 years ago | ljhljh235
    javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <tom akehurst>
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    GitHub comment 152#142536855

    GitHub | 2 years ago | klvries
    org.springframework.ws.client.WebServiceIOException: I/O error: hostname in certificate didn't match: <localhost> != <osgp-tst.cloudapp.net>; nested exception is javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <osgp-tst.cloudapp.net>
  6. 0

    Problems connecting/authenticating to secure XML-based Ruby-on-Rails website

    Stack Overflow | 1 year ago | Jurge92
    javax.net.ssl.SSLException: Certificate for <93...145> doesn't match common name of the certificate subject: dev-...no

    4 unregistered visitors
    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.net.ssl.SSLException

      Certificate for <HERE_GOES_SNI_NAME> doesn't match any of the subject alternative names: [HERE_GOES_NOT_SNI_NAME]

      at org.apache.http.conn.ssl.AbstractVerifier.verify()
    2. Apache HttpClient
      CloseableHttpClient.execute
      1. org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:164)
      2. org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:61)
      3. org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:140)
      4. org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:114)
      5. org.apache.http.conn.ssl.SSLSocketFactory.verifyHostname(SSLSocketFactory.java:569)
      6. org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:544)
      7. org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409)
      8. org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
      9. org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
      10. org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
      11. org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
      12. org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882)
      13. org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
      14. org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
      15. org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
      15 frames
    3. com.atlassian.gadgets
      HttpClientFetcher.fetch
      1. com.atlassian.gadgets.renderer.internal.http.HttpClientFetcher.fetch(HttpClientFetcher.java:95)
      1 frame
    4. org.apache.shindig
      DefaultGadgetSpecFactory.getGadgetSpec
      1. org.apache.shindig.gadgets.DefaultGadgetSpecFactory.fetchObjectAndCache(DefaultGadgetSpecFactory.java:125)
      2. org.apache.shindig.gadgets.DefaultGadgetSpecFactory.getGadgetSpec(DefaultGadgetSpecFactory.java:90)
      2 frames
    5. com.atlassian.gadgets
      GadgetSpecFactoryImpl.getGadgetSpec
      1. com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:71)
      2. com.atlassian.gadgets.renderer.internal.local.LocalGadgetSpecFactory.getGadgetSpec(LocalGadgetSpecFactory.java:53)
      3. com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:141)
      4. com.atlassian.gadgets.renderer.internal.GadgetSpecFactoryImpl.getGadgetSpec(GadgetSpecFactoryImpl.java:81)
      4 frames