How can I resolve the error "certificate subject name does not match target host name"?

Question 1

How can I resolve the error "certificate subject name does not match target host name"?

wso2 wso2esb wso2-am wso2carbon api-manager

Mike · Dec 29, 2016 · Viewed 54.3k times · Source

Answer

Answer

When ssl handshake happens client will verify the server certificate. In the verification process client will try to match the Common Name (CN) of certificate with the domain name in the url. if both are different host name verification will fail. In your case certificate has CN as local host and when you try to invoke using ip address , it fails. When you create the cert you can have single host name / multiple host name / wild card host name as CN value

For more details https://tersesystems.com/2014/03/23/fixing-hostname-verification/ https://support.dnsimple.com/articles/what-is-common-name/

Question 2

  curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 90d2c018-73d1-324b-b121-a162cf870ac0' 'https://172.17.0.1:8243/V1.0.2/stock/getNA?name=te'

The terminal prompted

"curl: (51) SSL: certificate subject name (localhost) does not match target host name '172.17.0.1' "

Howerver ,after I changed the "172.17.0.1" to "localhost", It worked and got the result.

Why ? Is not there somewhere wrong configuration? Meanwhile ,there is no log in http_access.log.

How can I resolve the error "certificate subject name does not match target host name"?

Answer

Related questions