Hi all,
I have encountered a weird "hostname in certificate didn't match:" issue
when accessing IS dashboard. My setup details are as follows.
*Setup Details*
*IS cluster*
- 3 nodes cluster
- Hostname - mgt.is.wso2.com
- Certificate CN - mgt.is.wso2.com
*BPS cluster*
- 2 nodes cluster (manager/worker)
- Hostnames - Manager - mgt.bps.wso2.com / Worker - wrk.bps.wso2.com
- Certificate CN - *.bps.wso2.com
* Both nodes are fronted by same Nginx plus load balancer.
[1]
javax.net.ssl.SSLException: hostname in certificate didn't match: <
mgt.is.wso2.com> != <*.bps.wso2.com>
at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:238)
at
org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
....
....
When we check the browser cookie, it gave correct certificate. (
mgt.is.wso2.com), but when we check it from java client[2] it gives the bps
certificate (*.bps.wso2.com) instead of IS.
[2]
https://darray.wordpress.com/2015/07/12/freak-vulnerability-and-disabling-weak-export-cipher-suites-in-wso2-carbon-4-2-0-based-products/
What is the reason for this? Is it my config issue or Nginx issue or our
product issue?
--
*Regards,*
*Aparna Karunarathna.*
*Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533*
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
