3

I have created some HTTPS-Server with a self signed certificate with this CN=localhost. But when I'm starting the Client, it tells me some Bind-Exception: 

socket::connect fails with error code = 10049

I created some new certificate with CN=hostname, which I found out (and which is the computer name) with following line:

hostname = InetAddress.getLocalHost());

But this way is not a practical for me. I want to create one certificate with some URL like example.com and want to use this certificate more than one time. So i had following idea: I adding some url to /etc/hosts-file with this:

127.0.0.1      example.com

And then I'm using the URL example.com.

Is there any way to change InetAddress.getLocalhost? Or is there a possibility to use some customer ip-address order hostname?

I have used:

InetSocketAddress address = new InetSocketAddress("test.com",9999);

to create a customer address, but this not resolved the Bind-Exception.

Do someone have any ideas?

jww
  • 97,681
  • 90
  • 411
  • 885
Mira Mira
  • 1,385
  • 3
  • 11
  • 18
  • Also see [Assigning a domain name to localhost for development environment](https://stackoverflow.com/q/7576217/608639) and [Third-Party Signed SSL Certificate for localhost or 127.0.0.1?](https://stackoverflow.com/q/6793174/608639) – jww Mar 04 '18 at 16:49
  • ***`CN=www.example.com`*** is probably wrong. Hostnames always go in the *SAN*. If its present in the *CN*, then it must be present in the *SAN* too (you have to list it twice in this case). For more rules and reasons, see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) You will also need to place the self-signed certificate in the appropriate trust store. – jww Mar 04 '18 at 16:49

1 Answers1

0

When hostname to hostname mapping is not possible, let us create certificate with IP Address and later map n number of hostnames to same IP Address.

Create the certificate with CN=127.0.0.1 or CN=<LOCAL_IP_ADDRESS> and then resolve it to example.com through hosts file and then try to use InetSocketAddress address = new InetSocketAddress("example.com",9999);

jww
  • 97,681
  • 90
  • 411
  • 885
James Jithin
  • 10,183
  • 5
  • 36
  • 51
  • Hello! Thx for your response! I have created a new self signed certificate and imported it to my existing keystore. Now i have got this exception: `Exception thrown: javax.microedition.pki.CertificateException:Certificate does not contain the correct site name localhost vs test.com` I dont understand this exception. Because i have imported both! The certificate for localhost and test.com. :-( – Mira Mira Jul 25 '16 at 14:18
  • How many entries do you have in the certificate? Could you try with a fresh certificate file with CN=127.0.0.1? – James Jithin Jul 25 '16 at 14:27
  • What do you mean with "How many entries do you have in certificate?" I created a fresh certificate with openssl and imported this to my keystore. But this not resolved my problem. With my browser as client i am able to reach my server. But with my client, which is a java application i am getting know this error: `IOException occured socket::connect fails with error code = 10051` when I am trying to reach the hostname, which i get like written above. I'm trying to resolve `https://hostname:443/` – Mira Mira Jul 26 '16 at 11:35