Jeff Sexton wrote:
We have a situation where we need to call a SOAP service in a
Glassfish server via HTTPS from a servlet in Tomcat. We extract a
self-signed certificate from Glassfish and imported it on the Tomcat
server. It all works in situations where we can use the
fully-qualified host name in the request and in the alias of the
certificate when importing on the Tomcat server.
But we need to operate in an environment with a name service. When we
try to use the IP address of the Glassfish server in the HTTPS call
and in the certificate alias, the call fails with a "no subject
alternate name" exception.
In Glassfish to Glassfish calls, using the IP address works fine.
Does anyone know how to make an SSL call from a Tomcat server using
the IP address only? Is it even possible?
I'm not 100% sure, but I think it is not possible.
Your server certificate have Common Name (CN) which can match either
FQDN (server.company.com) or IP (123.123.123.123) - not both.
You can, however, try to workaround your inability to contact DNS server
by manually inserting the adress to the "hosts" file, if you have
permission to do that.
Regards,
Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
