Java.io.IOException: HTTPS hostname wrong

Similar Messages

• Java.io.IOException: HTTPS hostname wrong:  should be localhost

  I'm having problems verifying an SSL client using Tomcat v5.x. I create a key in a particular keystore, let's call it C:\tomcat. I start tomcat specifying this file as the keystore to use. I then connect to the server on port 8443 with Internet Explorer and save the certificate returned from the server in a file. I then import the certificate into a keystore, let's say C:\tomcat_client. In my SSL client code I am specifiying the keystore to use with a System.setProperty("javax.net.ssl.trustStore", "C://tomcat_client"); However when I try to retrieve an output stream from a HttpURLConnection I receive the above exception. Any ideas what is happening ?
  Exception : java.io.IOException: HTTPS hostname wrong: should be <localhost>
  I have tried a variety of other options including importing the certificate into jssecacerts in the lib/security directory of the jre I am using to execute the SSL client, using the same keystore file for tomcat and the SSL client, etc.

  Hi Everybody!
  I've had a lot of problems with HTTPS connection. But finally I found a solution that works for me. So here is the Servlet:
  * File name: TestServlet.java
  * Created on 2005.01.21.
  package georgie.test.servlet;
  import java.io.BufferedReader;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.net.URL;
  import javax.net.ssl.HostnameVerifier;
  import javax.net.ssl.HttpsURLConnection;
  import javax.net.ssl.SSLSession;
  import javax.servlet.ServletException;
  import javax.servlet.http.HttpServlet;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  * @author Gy�rgy Nov�k
  public class TestServlet extends HttpServlet
      protected void doGet(HttpServletRequest request,
              HttpServletResponse response) throws ServletException, IOException
          try
              trustAllHttpsCertificates();
              String urlStr = request.getParameter("url");
              HttpsURLConnection.setDefaultHostnameVerifier(hv);
              URL url = new URL(urlStr == null ? "https://www.verisign.com/"
                      : urlStr);
              debug("URL READY");
              BufferedReader in = new BufferedReader(new InputStreamReader(url
                      .openStream()));
              debug("INPUT READY");
              int buff;
              while ((buff = in.read()) != -1)
              in.close();
              debug("EVERYTHING IS DONE!!!");
          catch (Exception e)
              e.printStackTrace();
      HostnameVerifier hv = new HostnameVerifier()
          public boolean verify(String urlHostName, SSLSession session)
              System.out.println("Warning: URL Host: " + urlHostName + " vs. "
                      + session.getPeerHost());
              return true;
      private void debug(String s)
          System.out.println("[DEBUG] -- TestServlet -- \n" + s);
      private static void trustAllHttpsCertificates() throws Exception
          //  Create a trust manager that does not validate certificate chains:
          javax.net.ssl.TrustManager[] trustAllCerts =
          new javax.net.ssl.TrustManager[1];
          javax.net.ssl.TrustManager tm = new miTM();
          trustAllCerts[0] = tm;
          javax.net.ssl.SSLContext sc =
          javax.net.ssl.SSLContext.getInstance("SSL");
          sc.init(null, trustAllCerts, null);
          javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
          sc.getSocketFactory());
      public static class miTM implements javax.net.ssl.TrustManager,
              javax.net.ssl.X509TrustManager
          public java.security.cert.X509Certificate[] getAcceptedIssuers()
              return null;
          public boolean isServerTrusted(
                  java.security.cert.X509Certificate[] certs)
              return true;
          public boolean isClientTrusted(
                  java.security.cert.X509Certificate[] certs)
              return true;
          public void checkServerTrusted(
                  java.security.cert.X509Certificate[] certs, String authType)
                  throws java.security.cert.CertificateException
              return;
          public void checkClientTrusted(
                  java.security.cert.X509Certificate[] certs, String authType)
                  throws java.security.cert.CertificateException
              return;
  }Wish You all the best:
  Georgie

• Different "java.io.IOException: HTTPS hostname wrong:  should be ..." error

  Hi
       I am experiencing some problems using SSL with Java 1.4.2_12 which appear to be subtly different to the ones posted earlier in this forum.
       ProcessA is trying to establish an HTTPS connection with an Apache server but gets the following error whilst trying to open the stream:
       java.io.IOException: HTTPS hostname wrong: should be <nnn.nnn.nnn.n>
       ProcessA obtains the IP to connect to from local config and this exactly matches the IP the IOEXception says it should be! Consequently I am confused as to why JSSE complains.
       I checked the certificates in the local keystore and the CN is also identical to the supplied IP
       I do not have the authority to tinker with the Apache configuration so I can't try anything else out. I must have missed a step somewhere but I am at a loss as to what. If anyone can shed some light on what may be happening here, I'd be obliged.
       thanks

  Ejp: please accept my apologies for the hugely late response to this.
  The problem was indeed at the server end. I had already employed the HostnameVerifier but after some badgering of the server admin the problem was nailed as exactyly what you said.
  Thanks (and apologies) again.

• OPP log shows java.io.IOException: HTTPS hostname wrong:

  Hi All -
  While running BI Publisher programs in R12.1.3 instance , we are getting below error.
  [11/14/11 10:02:33 PM] [UNEXPECTED] [82134:RT731346] java.io.IOException: HTTPS hostname wrong: should be <test0va1.mia.abc.com>
  Can anyone please help ?
  Regards

  The error is reported in these docs but I do not think it is helpful.
  Pdf Export On Worklist Throws HTTPS Hostname Wrong Exception [ID 1118694.
  E-IB: Getting "java.io.IOException: HTTPS hostname wrong: should be <*.*.*.*>, but cert says..." on Accessing External Web Service Node over HTTPS [ID 1163124.1]
  Encountering excpetion when calling an external Web Service: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed [ID 1029108.1]
  Please log a SR.
  Thanks,
  Hussein

• "HTTPS hostname wrong" for a hostname starts with a number

  Does anyone know about why HttpsClient throws the error for a hostname starts with a number. I have no problem with other hostname but only for the hostname starts with a number. The certificate works fine with Browser. I am sure the hostname in the certificate and in the request are exactly the same.
  I know how to skip the hostname verification, but I don't want to do that for security concern.
  Can sun develpoer shed some light how to verify the hostname in HttpsClient?
  java.io.IOException: HTTPS hostname wrong: should be
  <1company.mydomain.com>
  at sun.net.www.protocol.https.HttpsClient.b(DashoA6275)
  at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
  at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
  at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:574)
  at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
  at java.net.URL.openStream(URL.java:960)
  Thanks
  Al8079

  I looked at the RFCs you mention, and they do seem to indicate that host/domain names cannot start with digits...however if you look at RFC 1123 closely it says:
  RFC1123 APPLICATIONS LAYER -- GENERAL October 1989
  2. GENERAL ISSUES
  This section contains general requirements that may be applicable to
  all application-layer protocols.
  2.1 Host Names and Numbers
  The syntax of a legal Internet host name was specified in RFC-952
  [DNS:4]. One aspect of host name syntax is hereby changed: the
  restriction on the first character is relaxed to allow either a
  letter or a digit. Host software MUST support this more liberal
  syntax.
  Host software MUST handle host names of up to 63 characters and
  SHOULD handle host names of up to 255 characters.

• HTTPS hostname wrong

  Hi everybody,
  I?m developing a client webservice throught https and I can`t connect to it, the exception thrown is:
  java.rmi.RemoteException: HTTP transport error: java.io.IOException:
  HTTPS hostname wrong:  should be <wservices.fundacioncan.com>; nested exception is:
  HTTP transport error: java.io.IOException: HTTPS hostname wrong:
    should be <wservices.fundacioncan.com>This service use a basic authentication using user and password, I used the following code to set it:
  System.setProperty("javax.net.ssl.trustStore","c:\\client.keystore");
  System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
  System.setProperty("javax.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol.https");
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
           // Get our port interface
         stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, username);
          stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, password);For calling this service I`m using a java class without a Tomcat server, and also, I have not
  implemented the web service. I only know that it is hosted at
  the next URL
  https://wservices.fundacioncan.com:9443 and the server certificate
  that i can get from the browser shows that the Subject is www.fundacioncan.com
  Can anybody tell me what I?m doing wrong? I have read old topics about the same but nothing works.
  Thanks in advance

  You can get problems connecting over HTTPS in IE if the name on the certificate does not match the name of the site. For example if a certificate for java.sun.com had the name www.sun.com you'd get a dialog popping up saying that the name of the certificate did not match the name of the site, but that otherwise it was ok. This seems to be the error you're getting here, but you don't get the option to proceed...
  I don't know whether there is a workaround for this, I only know from my experience developing my own web service that I had to ensure the server name matched the name on the certificate. It doesn't look like you have this luxury, so I'd suggest contacting the web service provider for more info, unless someone else has a workaround.
  Chris

• Please help - HTTPS hostname wrong.

  Sorry for posting this message again. It may just be a quick help from any of you.
  I have a simple https client that produced the following error message -
  " java.io.IOException: HTTPS hostname wrong: should be <test.cat.com>, but cert says <*.cat.com> "
  I thought that the * is the wild card,thus test.cat.com should be accepted. Any ideas?
  Thanks, Jack

  I am not sure exactly what to do. Anyway the code is simple. It basically first connects to a site for logon and obtain certificate (?). And then try to connect to another site.
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
  URL url = new URL("https://login.cat.com/cgi-bin/setcookie?username=liuj&password=test"); URLConnection connection = url.openConnection();
  BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
  String inputLine;
  while ((inputLine = in.readLine()) != null)
  System.out.println(inputLine);
  in.close();
  url = new URL("https://eddweb.cat.com/");
  connection = url.openConnection();
  The exception happens at the above line -
  java.io.IOException: HTTPS hostname wrong: should be <eddweb.cat.com>, but cert says <*.cat.com>
  I know I have other issues need to work out later on. Right now I need to first resolve this problem. Thank you. Jack

• HTTPS hostname wrong:  should be myhost

  Hello everybody:
  I developed some servlets using jre 1.5 and Tomcat 5.0. Now, I have to deploy them in Oracle IAS 10g 1.3.
  Everything is okay, except https connection, and I don't know what to do: It works fine in Tomcat 5.0 and OC4J (oc4j_extended_101300) but not in IAS 1.3.
  This is my code:
  // protocol handler uses this security provider
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  com.sun.net.ssl.HostnameVerifier hv=new com.sun.net.ssl.HostnameVerifier() {
  public boolean verify(String urlHostname, String certHostname) {
  System.out.println("WARNING: Hostname is not matched for cert.");//<-This is never shown
  return true;
  com.sun.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(hv);
  And this is the server response:
  06/02/27 12:50:42 java.protocol.handler.pkgs: com.sun.net.ssl.internal.www.protocol
  06/02/27 12:50:42 java.io.IOException: HTTPS hostname wrong: should be <myhost>
  06/02/27 12:50:42 at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:493)
  06/02/27 12:50:42 at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418)
  06/02/27 12:50:42 at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
  06/02/27 12:50:42 at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:836)
  06/02/27 12:50:42 at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getOutputStream(HttpsURLConnectionOldImpl.java:200)
  06/02/27 12:50:42 at aux.Conn.getHostResponse(Conn.java:255)
  06/02/27 12:50:42 at aux.Conn.responseProcess(Conn.java:366)
  06/02/27 12:50:42 at mymainclass.MyServlet.doPost(MyServlet.java:56)
  06/02/27 12:50:42 at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
  06/02/27 12:50:42 at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  06/02/27 12:50:42 at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:719)
  06/02/27 12:50:42 at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:376)
  06/02/27 12:50:42 at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:870)
  06/02/27 12:50:42 at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:451)
  06/02/27 12:50:42 at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:299)
  06/02/27 12:50:42 at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:187)
  06/02/27 12:50:42 at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
  06/02/27 12:50:42 at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303
  06/02/27 12:50:42 at java.lang.Thread.run(Thread.java:595)
  Thanks in advance

  you write your own little hostname verifier class (it is easy) and set it as the default. If you really dont care what the name of the servers URL is, then do this:
  HttpsURLConnection.setDefaultHostnameVerifier(new YourHostnameVerifier());
  YourHostNameVerifier simple has to implement HostnameVerifier interface, which is one method call. You can simply return true if you dont want it to check it (if the certificate is trusted enough, and URL does not matter).

• HTTPS hostname wrong - wild card?

  I have a simple https client that produced the following error message -
  " java.io.IOException: HTTPS hostname wrong: should be <test.cat.com>, but cert says <*.cat.com> "
  I thought that the * is the wild card,thus test.cat.com should be accepted. Any ideas?
  Thanks, Jack

  ok I did exactly that and it's good. However I suggest that you don't return true automatically since it bypass completely the protection. You can easily implement the check for the domain name (which is the current implementation in jsse) and then add the wildcard special cases.
  Have fun
  Francois

• Exception: java.io.IOException: HTTP response 404 : LaunchDesc: null ]

  What's matter?
  I checked URL in jnlp file several times. but I coudn't know how to do.
  Error mesagge shows below,
  Exception: java.io.IOException: HTTP response 404 : LaunchDesc: null ]
       at com.sun.javaws.cache.DownloadProtocol.doDownload(Unknown Source)
  ...etc
  Anybody help, plz?

  Hi,
  this might be a proxy config issue. Check Sun's Web Start FAQ for more details.
  - Gerald

• HTTPS hostname wrong: should be myhostname

  WHen I connect from my SOAP client to a SOAP server via HTTP, everything works fine. But when I connect via HTTPS, I get an exception
  "HTTPS hostname wrong: should be <myhostname>"
  I browsed the forums for this and got the workaround
          HostnameVerifier hv = new HostnameVerifier() {
              public boolean verify(String urlHostName, SSLSession session) {
                  return true;
              public boolean verify(String urlHostName, String certHostname) {
                  return true;
          HttpsURLConnection.setDefaultHostnameVerifier(hv);
          SOAPConnectionFactory scf =  SOAPConnectionFactory.newInstance();
          connection = scf.createConnection(); //point-to-point connectionbut that doesn't work. Perhaps this workaround only works for url/socket connections and not for SOAP connections. Or is there a similar workaround for SOAP connections?

  Well, a
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());in addition helped. But I wonder how this host name check is done. I added a System.out with the values of urlHostName and session.getPeerHost() and after I changed my domain name to the IP address this error still occured without this workaround. So even though the urlHostName equals exactly the session.getPeerHost() string, the exception is still thrown.

• Web service calling in HTTPS, certificate, hostname wrong

  Hi
  Im triying to call a web service running in WSO2 Carbon and I cant do it because I was geting a exception asking for a certificate.I had success importing a valid certificate, but now I get the following exception
  HTTPS hostname wrong: should be <10.36.15.100>
  this ip is the one where the WSO2 Carbon is running with the web service Im calling.
  When I consume services running in other places I gat no problem and I can consume the service running in the WsO2 with the SOAP UI, so I dont Know what happend?
  Thanks
  Ray

  Glad to help.
  I actually had a similar problem a few weeks ago. I created a remote enabled FM in our R/3 system that was called by a program in our SRM system. When I ran the FM in R/3 it worked, but from SRM, no joy.
  Eventually, I found that I had mispelled a parameter in the calling program. Since, the FM didn't exist in SRM, the calling program couldn't report any syntax error or give a dump. I corrected the spelling and it finally worked.
  Rob

• Message processing failed. Cause: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: invalid content type for SOAP: TEXT/HTML; HTTP 404 Not Found

  In my 2006 biztalk application I have exposed web service to receive SAP input. It was working fine. After I have modified something in orchestration in that application . I am getting following error while SAP try to consume my web service. Can anyone please
  help me.
  Message processing failed. Cause: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: invalid content type for SOAP: TEXT/HTML; HTTP 404 Not Found

  In my 2006 biztalk application I have exposed web service to receive SAP input. It was working fine. After I have modified something in orchestration in that application . I am getting following error while SAP try to consume my web service.
  HI Arivazhagan K,
  Could you give some explanation about what you modified? according the to error message, this is "resource is not found issue".
  Best regards,
  Angie
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Error SOAP: call failed: java.io.IOException: Read timed out; HTTP 200 OK

  Hi PI gurus,
    Need some suggestions on one issue below -
    Scenario - proxy (SAP) to SOAP (Web based system)
    In the RWB Communication Channel Monitirong we are receiving the below error
    " Error SOAP: call failed: java.io.IOException: Read timed out; HTTP 200 OK"
  the request from XI system is going to target system and printing the lables (as per the functionality) with no issues but the comminication channel is giving the above error and this is causing the repeated sending the same request to target sytem and the data is printing repeateadly. This issues is occuring in Quality environment.
  Strangley the same Interface with the same connectivity details is working fine in Development environment. But not working in Quality environment. Checked the firewalls settings on both in XI and Target system side and confirmed that everything is fine.
  Below are the Logs both from Quality and developement are as follows
  Quality ( Failure Case) 
  17.03.2011 07:19:59 Success SOAP: request message entering the adapter with user J2EE_GUEST
  17.03.2011 07:25:03 Error SOAP: call failed: java.io.IOException: Read timed out; HTTP 200 OK
  Development     (Success ful)
  17.03.2011 07:27:55 Success SOAP: request message entering the adapter with user J2EE_GUEST
  17.03.2011 07:27:58 Success SOAP: completed the processing
  When we checked with basis team on user id J2EE_GUEST,  they confirmed that they are same in Development and Quality.
  I repeat,, that the same target url and everthing is same in XI Configuration
  Thanks in Advance. Points would be rewared for the best solution.
  Thanks,
  Jitender

  HI Jitender,
        If your scenariois working in DEV and if it is not working in QAS.Could you please check if both the systems are at same patch levels..
  Please refer below notes :1551161,817894,952402.
  Cheers!!!
  Naveen.

• Error in SOAP receiver channel: java.io.IOException: invalid http response:

  Hi experts,
  I have a IDOC to SOAP scenario where SOAP receiver channel is sending data to web service. In the receiver channel I am getting error as below. Kindly help me to resolve this issue. Thanks.
  "Message processing failed. Cause: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: invalid http response: null"

  Did you check this?
  http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/40611dd6-e66e-2910-f383-e80fb44f9cd4
  Regards
  Pothana