Article - CS408469
Using ThingWorx ContentLoaderFunctions to make REST request is failing with error "Certificate for <<hostname>.com> doesn't match any of the subject alternative names: [<SAN1>.com, <SAN2>.com] javax.net.ssl.SSLPeerUnverifiedException"
Modified: 08-Jan-2024
Applies To
- ThingWorx Platform 9.3 SP6 to SP11
Description
- Using ThingWorx ContentLoaderFunctions to make REST request is failing with:
[L: ERROR] [O: E.c.q.l.c.Logger] [I: ] [U: <username>] [S: ] [P: thingworx1] [T: http-nio-8080-exec-2] Execution error in service script [getToken] :: Certificate for <<hostname>.com> doesn't match any of the subject alternative names: [<SAN1>.com, <SAN2>.com] javax.net.ssl.SSLPeerUnverifiedException: Certificate for <<hostname>.com> doesn't match any of the subject alternative names: [<SAN1>.com,<SAN2>.com] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at com.thingworx.common.utils.HttpUtilities.PostText(HttpUtilities.java:1096) at com.thingworx.resources.content.ContentLoader.PostText(ContentLoader.java:780) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566)
- Added the following to Tomcat Java parameters (even though it should be enabled by default) but there was no difference
-Djsse.enableSNIExtension=true
This is a printer-friendly version of Article 408469 and may be out of date. For the latest version click CS408469