• Post Reply Bookmark Topic Watch Topic
  • New Topic

Two-way SSL authentication

 
Matt Dalen
Greenhorn
Posts: 19
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I'm currently trying to implement a client to connect to an outside restful service with two-way authentication. Testing using the server company's sample client, which uses Apache CXF, works fine and I can send messages. I'm trying to build a more lightweight client than their sample, however, so I don't want to use CXF. However, without using CXF, I'm getting a CertificateException, "No subject alternative names present," which my research indicates usually means there's an issue with the cert. But I know the client and server certs work, since they work in the sample client. And my code uses the same code to build the keystore and the truststore as theirs.

Any ideas as to why I would be getting this error?

My client code is below:

 
Matt Dalen
Greenhorn
Posts: 19
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok, I figured it out. It's a problem in the cert; the example code bypassed the CN check and my code didn't, so it worked in the example code.
 
Matt Dalen
Greenhorn
Posts: 19
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Apparently the cert they gave me did not have the URL in the CN field and didn't include a subject alternative names field. For testing purposes, I was able to bypass this by setting a custom Hostname Verifier:

 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35719
412
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Interesting problem/solution. I gave you a cow for sharing it.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!