How to resolve SSL handshake exception

Question

I'm trying to execute the below lines of code:

public static String invokeRestService(String request) throws Exception {
        try {

            URL url = new URL("https://XXXXXXX:8403/v1/payment/test/req");
            HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
            urlConnection.
            urlConnection.setRequestMethod("POST");
            urlConnection.setRequestProperty("Accept", "application/json");
            urlConnection.setDoOutput(true);
            OutputStreamWriter osw = new OutputStreamWriter(urlConnection.getOutputStream());
            osw.write(request);
            osw.flush();
            osw.close();
            System.out.println(urlConnection.getResponseCode());

        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return null;
    }

Whenever I tried to run the above code I observed the below error message and It says that SSL failed but When I tried to hit the same endpoint URL through postman without any authorization header it works as expected and return 200 response code as expected. I'm facing this exception when I tried to hit that endpoint through JAVA code. Is there anyway to setup the SSL explicit ? or How can I use the system default SSL?

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)

Dilyano Senders · Accepted Answer · 2019-02-18T11:03:53.907

0

I was looking in to your issue, after looking at this link: https://www.ibm.com/support/knowledgecenter/en/SS9J9E/ioc/ts_liberty_ip.html

I Think your DNS records are not correct, which states: you are trying to perform a SSL handshake with an URL which does not exist.

Could you reach the URL in your browser or using Curl?

If this is not the case, then I think the CN (Common Name) of your cerificate is not matching the domain of the url you are connecting to

edited Feb 18 '19 at 11:03

answered Feb 18 '19 at 10:42

Dilyano Senders

199
1
9

I think has to check certification file. if there is provided DNS name , this problem occur when DNS name is not exist. – Mithat Konuk Feb 18 '19 at 10:45
It works fine when I tried to hit from POSTMAN. And returned 200 response back. – ArrchanaMohan Feb 18 '19 at 10:48
Then I think the CN (Common Name) in your certificate is not matching the domain name you are connecting to. – Dilyano Senders Feb 18 '19 at 10:56
Do u have any Idea that How can I overcome this? – ArrchanaMohan Feb 18 '19 at 11:26
Well there are a couple options: Regenerate a new certificate that uses the correct CN, or edit your hosts file to redirect your request to the right address – Dilyano Senders Feb 18 '19 at 11:39
Another option, if this issues exists only on your local machine is the disable the SSL handshake – Dilyano Senders Feb 18 '19 at 11:39
@ArrchanaMohan please mark the solution as answer if it resolves your case. – Dilyano Senders Feb 18 '19 at 13:37
I'm trying it. If you give me some sample code base that will help me to fix it much faster. – ArrchanaMohan Feb 18 '19 at 15:55

How to resolve SSL handshake exception

1 Answers1