I have a webapp running in Tomcat 7 which integrates with a 3rd party REST API with OAuth authentication. The problem I am having is intermittent and seems to happen after the application has run about a week or more.
When trying to request a token from the 3rd party API, I get the following response: Caused by: javax.net.ssl.SSLPeerUnverifiedException: Host name 'login.blah.com' does not match the certificate subject provided by the peer (CN=*.blacked.com, OU=Domain Control Validated).
The thing is, if I do a curl from this same machine, it responds correctly and if I restart Tomcat, the error goes away. I am using Spring and making the call using the RestTemplate class.
Originally I used the default implementation of RestTemplate and was receiving a pretty generic SocketTimeout exception. I then switched it to use Apache HttpComponentsClientHttpRequestFactory so I could make sure my HttpClient was closing and not leaving behind stale connections (since the issue only occurs after it's been running a while). Since switching to HttpClient 4.5, I've been getting the certificate issue.
I also have the webapp running in a test environment, hitting the same URL and working fine while the app in production is throwing the exception. Restarting Tomcat fixes the issue. The name in the exception message "CN=*.blacked.com" is not the domain I am attempting to hit and appears to be the domain of an adult website.
Now, every HTTP call I make to the 3rd party API, I create a new RestTemplate with a HttpComponentsClientHttpRequestFactory, make my request, close the HttpClient and destroy the connection factory.
I'm not really sure what could be causing this and can't really reproduce the error on demand since it's a very intermittent problem. Does anyone have any ideas?
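
A diagnostic that could be run inside the affected JVM when the exception appears, added here as an example and not part of the original post: it records which addresses the JVM resolves the host to and which certificate each address presents, so the result can be compared with what curl sees from the same machine. The class name `PeerCertProbe`, port 443 and the 5-second timeouts are assumptions.

```java
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Added diagnostic, not code from the post. It must run in the same JVM as the
// webapp (for example from an admin endpoint) to see that JVM's name resolution.
public class PeerCertProbe {

    // Returns one line per resolved address: IP, certificate subject and SANs.
    public static String probe(String host, int port) throws Exception {
        StringBuilder out = new StringBuilder();
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        for (InetAddress addr : InetAddress.getAllByName(host)) {
            out.append(host).append(" -> ").append(addr.getHostAddress());
            try (Socket plain = new Socket()) {
                plain.connect(new InetSocketAddress(addr, port), 5000);
                plain.setSoTimeout(5000);
                // Layer TLS over the connected socket; passing the host name sets SNI.
                // No hostname verification happens here, so a mismatching
                // certificate from a trusted CA is reported instead of rejected.
                try (SSLSocket tls = (SSLSocket) factory.createSocket(plain, host, port, true)) {
                    tls.startHandshake();
                    X509Certificate leaf =
                            (X509Certificate) tls.getSession().getPeerCertificates()[0];
                    out.append(" subject=").append(leaf.getSubjectX500Principal().getName())
                       .append(" sans=").append(leaf.getSubjectAlternativeNames());
                }
            } catch (Exception e) {
                // Timeouts and untrusted chains are recorded per address.
                out.append(" failed: ").append(e);
            }
            out.append(System.lineSeparator());
        }
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        // Default host is the name shown in the post's exception message.
        System.out.print(probe(args.length > 0 ? args[0] : "login.blah.com", 443));
    }
}
```

Logging the output of `probe` next to each failed token request shows whether the unexpected certificate is tied to a particular resolved address.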