0

I'm trying from my java application to reach an external api. I use jersey to make a call request

ClientConfig clientConfig = new ClientConfig();
        //Open Digest authentication
        
        clientConfig.register(JacksonFeature.class);
        //Create new rest client
        Client client = ClientBuilder.newClient( clientConfig );
        
        //Set the url
        WebTarget webTarget = client.target(rootUrl);
        Invocation.Builder invocationBuilder =  webTarget.request(javax.ws.rs.core.MediaType.APPLICATION_JSON);
        
        MultivaluedMap<String, Object> header = new MultivaluedHashMap<>();
        header.add("UserName", username);
        header.add("Password", password);
        
        invocationBuilder.headers(header);
        logger.info("Initialisation of cashout service successful");
        
        // create request
        Gson gson = new Gson();
        String transactionString = gson.toJson(request);
        
        
        
        try {
            // start the response
            Response response = invocationBuilder.put(Entity.entity(transactionString, javax.ws.rs.core.MediaType.APPLICATION_JSON));
            //We check if the response is ok
            if(response.getStatus() == 200) {
                logger.info("The paiement is done, we got 200 code return");
                responseData = response.readEntity(AirtimePaymentResponse.class);
                
                logger.info("the response data is {} ", responseData);
            }else {
                logger.info("error during the paiement");
                throw new GGException("Error during the paiement", HttpStatus.valueOf(response.getStatus()));
            }
        }catch (Exception e) {
            throw new GGException(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }

but we got No subject alternative DNS name matching xxx.com found.. I could i disable the ssl check in my code so i can run in insecure mode ?

I tried lot of solution without success.

Thanks

Teddy Kossoko
  • 1,168
  • 3
  • 20
  • 48

1 Answers1

0

Your issue is related to a similar question answered here: Certificate for <localhost> doesn't match any of the subject alternative names

In the above link you can find the detailed explanation, but basically what it means is that you are calling a server however the hostname you are using in the request is not defined in the server certificate subject alternative names (SAN) field. So I would suggest to create a new certificate for the server with the additional SAN field. I would not recommend to disable the ssl checks as it will not be secure anymore.

Hakan54
  • 3,121
  • 1
  • 23
  • 37
  • thank you for the response. I'm very new in server stuff, so i don't get everything. So, if i understand well, in my server the hostname is not in my certificate, so i have to create in my server a new one with the distant server in SAN field ? Thanks – Teddy Kossoko Dec 13 '22 at 09:25
  • Yes that is correct! So for example your server is reachable on the following host: foobar.com than your SAN field should contain a DNS entry with foobar.com. By the way if you use an ip instead of host than you should add an IP entry – Hakan54 Dec 13 '22 at 10:57