Hello,
it looks like the SAN field of your certificate only contains the IP-address
10.106.206.143 but not the domain name parthise2.cisco.com.
Chrome already switched in 2017 from the field "common name" to the field
"subject alternative name",
E.g.
https://security.stackexchange.com/questions/172626/chrome-requires-san-names-in-certificate-when-will-other-browsers-ie-follow
Best is to get a new certificate with a SAN field containing the domain name.
Greetings,
Thomas
-Ursprüngliche Nachricht-
Von: Parth Parikh -X (parparik - WIPRO LIMITED at Cisco)
Gesendet: Dienstag, 28. September 2021 13:49
An: users@tomcat.apache.org
Betreff: Getting SSLPeerUnverifiedException , when using httpclient-4.5.13
Hi,
I am getting below exception error , when using httpclient-4.5.13 jar ,
javax.net.ssl.SSLPeerUnverifiedException: Certificate for
doesn't match any of the subject alternative names: [10.106.206.143]
at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374)
at
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at
com.cisco.cpm.infrastructure.softwareupdates.http.HttpExecutor.executeGet(HttpExecutor.java:194)
at
com.cisco.cpm.infrastructure.systemconfig.CpmPatchUtil.remoteServerStatus(CpmPatchUtil.java:1003)
at
com.cisco.cpm.infrastructure.systemconfig.CpmPatchUtil.listPatchesFromAllNodes(CpmPatchUtil.java:551)
at
com.cisco.cpm.infrastructure.systemconfig.CpmPatchManagement.getInstalledPatches(CpmPatchManagement.java:90)
at
com.cisco.cpm.admin.infra.action.PatchInstallAction.loadGridData(PatchInstallAction.java:377)
when I changed httpclient jar file from httpclient-4.5.13 to httpclient-4.4 .
There is no exception error and code just works fine.
Is there any better solution for this error? Will downgrading the version
impact my application? Please guide me
Thanks and Regards,
Parth Parikh
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org