java SSLHandshakeException No subject alternative names matching IP address

Question

As a restful client, I can successfully connect to the server using the Postman software without any certification or security setting. (I receive the correct response from the server) But when I call it using java Program, it throws Exception below:

javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address 192.168.12.125 found

I also looked at this link that didn't solve my problem.

here is java code I used:

import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import java.io.Serializable;

public class CallService implements Serializable {
    private String uri = "https://192.168.12.125:443/ssdpn";    
    private Client client;
    private WebResource webResource;

    public void sendRequest(String input) {
        try {
            client = Client.create();
            webResource = client.resource(uri);

            String requestBody = prepareJSONFormatRequest(input);
            ClientResponse response =
                    webResource.path("/Service205")
                            .header("trackId", "1001")
                            .header("serviceId", "Service205")
                            .post(ClientResponse.class, requestBody);

            String result = response.getEntity(String.class);

        } catch (Exception ex) {
            System.out.println(ex.getMessage());
        }
    }
    
    private String prepareJSONFormatRequest(String input) {
        StringBuilder request = new StringBuilder();
        request.append("{ ").append("\"SerialNumber\":\"").append(input).append("\" }");
        return request.toString();
    }

}

in the java program, I also use no certificate (As I do in Postman call). could anybody help me to find where does the problem lies?

http://web.archive.org/web/20160201235032/http://www.jroller.com/hasant/entry/no_subject_alternative_names_matching — PDHide, Nov 29 '20 at 13:24
https://lalmohan.co.nz/2020/02/10/create-and-install-a-san-certificate-subject-alternative-name-in-windows-without-third-party-tools/ — PDHide, Nov 29 '20 at 13:26

SM. Hosseini · Accepted Answer · 2020-12-05T08:57:37.490

I fixed by calling this method in the constructor:

private void fixHttpsHandler() {
    try {

        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }
        };

        SSLContext mySSLContext = SSLContext.getInstance("TLSv1.3");
        mySSLContext.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(mySSLContext.getSocketFactory());

        HostnameVerifier allHostsValid = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };

        HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

    } catch (Exception ex) {
        ex.printStackTrace();
    }

}

then

public class CallService implements Serializable {
    public CallService() {
            try {
            
                fixHttpsHandler();
                
            } catch (Exception ex) {
                System.out.println(ex.getMessage());
            }
        }
}

java SSLHandshakeException No subject alternative names matching IP address

1 Answers1