SSL-Connection causes javax.net.ssl.SSLException: hostname in certificate didn#39;t match (WSO2 Api Manager / Tomcat)(SSL-Connection 导致 javax.net.ssl.SSLException:证书中的主机名不匹配(WSO2 Api Manager/Tomcat))
问题描述
我目前正在设置一个 dockerized WSO Api Manager.我们的域有一个通配符证书.我成功将其转换为java keystore,并替换了两个jks文件.
I am currently setting up a dockerized WSO Api Manager. We have got a wildcard certificates for our domain. I successfully transformed it into a java keystore and replaced the two jks files.
当我打开 API 管理器时,我没有收到 ssl 警告,并且浏览器将我的连接标记为安全.
When I open the API manager, I get no ssl warnings and the browser marks my connection as secure.
当我尝试登录时出现错误:
When I try to login I get an error :
在我得到的日志文件中:
In the log files I get :
TID: [-1234] [] [2017-03-24 11:37:55,305] INFO
{org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost
to url[https://localhost:9443/services/AuthenticationAdmin]
{org.apache.axis2.transport.http.HTTPSender}
javax.net.ssl.SSLException: hostname in certificate didn't match:
<localhost> != </*.mydomain.io/mydomain.io/*.mydomain.io>
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277)
看起来服务器正在尝试与本地主机进行 SSL 连接.那么如何将匹配的证书添加到允许 localhost 访问的密钥库?
It looks like the Server is trying to do SSL connections to localhost. So how can I add a matching certificate to the keystore allowing localhost access?
非常感谢!
推荐答案
在 api-manager.xml 文件中,更改所有 localhost 的引用以匹配您的域名,重启,应该就好了.
In the api-manager.xml file , change all references of localhost to match your domain name , restart , and it should be good.
设置
<parameter name="HostnameVerifier">AllowAll</parameter>
存在安全风险,主机名验证是有原因的.
is a security risk , Hostname Verification is there for a reason.
这篇关于SSL-Connection 导致 javax.net.ssl.SSLException:证书中的主机名不匹配(WSO2 Api Manager/Tomcat)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:SSL-Connection 导致 javax.net.ssl.SSLException:证书中的主机名不匹配(WSO2 Api Manager/Tomcat)
基础教程推荐
- 如何使用 Java 创建 X509 证书? 2022-01-01
- 设置 bean 时出现 Nullpointerexception 2022-01-01
- Java Keytool 导入证书后出错,"keytool error: java.io.FileNotFoundException &拒绝访问" 2022-01-01
- 在 Libgdx 中处理屏幕的正确方法 2022-01-01
- 降序排序:Java Map 2022-01-01
- 无法使用修饰符“public final"访问 java.util.Ha 2022-01-01
- “未找到匹配项"使用 matcher 的 group 方法时 2022-01-01
- FirebaseListAdapter 不推送聊天应用程序的单个项目 - Firebase-Ui 3.1 2022-01-01
- Java:带有char数组的println给出乱码 2022-01-01
- 减少 JVM 暂停时间 >1 秒使用 UseConcMarkSweepGC 2022-01-01
