Error SSLPeerUnverifiedException while making the API call via in Java apache on a unix server

Options
John Williams
John Williams Explorer
in World-Check One

Hi,

I am currently stuck with the below issue in my environment. Could you please help to check if there is any way to resolve it. The Java code posted worked on my Windows environment, but the same code is not working on my Unix environment.

I am trying on my end to check for solutions.

javax.net.ssl.SSLPeerUnverifiedException: Certificate for <159.220.25.95> doesn't match any of the subject alternative names: [*.thomsonreuters.com]
[5/19/17 22:15:02:394 CST] 0000002e SystemErr R at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:467)
[5/19/17 22:15:02:395 CST] 0000002e SystemErr R at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)
[5/19/17 22:15:02:395 CST] 0000002e SystemErr R at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
[5/19/17 22:15:02:395 CST] 0000002e SystemErr R at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)

Thank you,

John

Tagged:

Best Answer

  • brian.bourgault
    brian.bourgault LSEG
    Answer ✓

    Hi @John Williams,

    The certificate does not have the IP address in it. It only has the URL

    Have you checked your /etc/hosts file setup?

    Hope this helps,

    Brian

Answers

  • John Williams
    John Williams Explorer

    Hi Brian,

    The Subject Alternative Names field in
    the certificate of TR does not have the IP address in it. It only has the URL.

    So I had to change my code to use the
    host name in the URL for the IP address and add the host name in the hosts file
    for the unix server.

    Once host name is added in the hosts
    file, we were able to make the connection successfully.

    Thanks,

    John

Categories