Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] javax.net.ssl.SSLHandshakeException No subject alternative DNS name matching xxx found.

Silvio,

no bell ringing.   
Any chance of a stack trace... it may be obvious, but as a guide to walk through the code it may make us see something.
Of course if you could run with -Djavax.net.debug=ssl (or a filtered version of that) would be even more helpful.

regards



On Mon, 17 Dec 2018 at 22:17, Silvio Bierman <sbierman@xxxxxxxxxxxxxxxxxx> wrote:
Hello all,

I am using Jetty 9.4.14 on multiple servers. On one of my servers I get
heaps of SSLHandshakeException errors. They occur with different domain
names for which I do have valid certificates in my keystore. I am using
Jetty SNI and have dozens of certificates in my keystore. I use the same
keystore (JKS format) on all my servers but only one server shows this
behaviour. Strangely enough, these errors only occur with requests that
are sent from Java applications, either from the server process itself
or from one of my other servers.
This started occurring about a week ago, long after I upgraded to Jetty
9.4.14. The only thing that changed in the meantime is the SSL-keystore
that has grown.

Does this ring any bells? Has anyone experienced similar problems? I
have tried restarting the process, server etc. but that only helps for a
short while.

Any pointers would be welcome.

Kind regards,

Silvio
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users


--
Greg Wilkins <gregw@xxxxxxxxxxx> CTO http://webtide.com

Back to the top