如何解析< *>的证书不匹配任何主题替代名称:[*]?

kkih6yb8  于 2021-07-09  发布在  Java
关注(0)|答案(1)|浏览(540)

我正在尝试将文件上载到asm拓扑中的file observer中。但是它在httpclient执行时给出了这个错误。这是完整的error:-

java.lang.IllegalStateException: Failed to execute ApplicationRunner
    at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:813) ~[spring-boot-2.4.5.jar:2.4.5]
    at org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:800) ~[spring-boot-2.4.5.jar:2.4.5]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:346) ~[spring-boot-2.4.5.jar:2.4.5]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1340) ~[spring-boot-2.4.5.jar:2.4.5]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1329) ~[spring-boot-2.4.5.jar:2.4.5]
    at com.verizon.VcpOpsFileUploadApplication.main(VcpOpsFileUploadApplication.java:20) ~[classes/:na]
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <noi-topology.noi.apps.cluster1.ibm.dfwt5g.lab> doesn't match any of the subject alternative names: [*.apps.cluster1.ibm.dfwt5g.lab]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient-4.5.13.jar:4.5.13]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient-4.5.13.jar:4.5.13]
    at com.verizon.controller.ASMFileUploadController.uploadFile(ASMFileUploadController.java:44) ~[classes/:na]
    at com.verizon.VcpOpsFileUploadApplication.run(VcpOpsFileUploadApplication.java:25) ~[classes/:na]
    at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:810) ~[spring-boot-2.4.5.jar:2.4.5]
    ... 5 common frames omitted
4si2a6ki

4si2a6ki1#

通配符证书仅用于一个级别。 *.example.com 将匹配 foo.example.com 以及 bar.example.com ,但不匹配 foo.bar.example.com .
你的 *.apps.cluster1.ibm.dfwt5g.lab 通配符证书将不匹配 noi-topology.noi.apps.cluster1.ibm.dfwt5g.lab 因为 * 不匹配 noi-topology.noi .
您需要的通配符证书 *.noi.apps.cluster1.ibm.dfwt5g.lab ,或需要将域名更改为。 noi-topology.apps.cluster1.ibm.dfwt5g.lab .

相关问题