java.security.cert.CertificateException: No name matching localhost found

Problem

Configured Tomcat to support SSL and deployed this simple hello world web service. And use following client connect to the deployed web service over SSL connection :

package com.mkyong.client;
 
import java.net.URL;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
 
import com.mkyong.ws.HelloWorld;
 
public class HelloWorldClient{
 
	public static void main(String[] args) throws Exception {
 
	URL url = new URL("https://localhost:8443/HelloWorld/hello?wsdl");
        QName qname = new QName("http://ws.mkyong.com/", "HelloWorldImplService");
 
        Service service = Service.create(url, qname);
        HelloWorld hello = service.getPort(HelloWorld.class);
        System.out.println(hello.getHelloWorldAsString());
 
    }
}

It hits “No name matching localhost found” exception :

Caused by: javax.net.ssl.SSLHandshakeException: 
    java.security.cert.CertificateException: No name matching localhost found
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
	......
Caused by: java.security.cert.CertificateException: No name matching localhost found
	at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:210)
	at sun.security.util.HostnameChecker.match(HostnameChecker.java:77)
	......

Solution

This problem and solution is well explained in this article, you can use a Transport Security (SSL) Workaround for your “localhost” development environment.

To fix it, add a javax.net.ssl.HostnameVerifier() method to override the existing hostname verifier like this :

package com.mkyong.client;
 
import java.net.URL;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
 
import com.mkyong.ws.HelloWorld;
 
public class HelloWorldClient{
 
	static {
	    //for localhost testing only
	    javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
	    new javax.net.ssl.HostnameVerifier(){
 
	        public boolean verify(String hostname,
	                javax.net.ssl.SSLSession sslSession) {
	            if (hostname.equals("localhost")) {
	                return true;
	            }
	            return false;
	        }
	    });
	}
 
	public static void main(String[] args) throws Exception {
 
	URL url = new URL("https://localhost:8443/HelloWorld/hello?wsdl");
        QName qname = new QName("http://ws.mkyong.com/", "HelloWorldImplService");
 
        Service service = Service.create(url, qname);
        HelloWorld hello = service.getPort(HelloWorld.class);
        System.out.println(hello.getHelloWorldAsString());
 
    }
}

Output

Hello World JAX-WS

It’s working fine now.

Tags :

About the Author

mkyong
Founder of Mkyong.com and HostingCompass.com, love Java and open source stuff. Follow him on Twitter, or befriend him on Facebook or Google Plus. If you like my tutorials, consider make a donation to these charities.

Comments

  • Pingback: over here()

  • Pingback: do you agree()

  • Pingback: duquesne()

  • Pingback: water ionizer()

  • Pingback: pay plan()

  • Pingback: house blue()

  • Pingback: zak?ad szklarski piotrk√≥w trybunalski()

  • Pingback: locksmith u village()

  • Pingback: you could try here()

  • Pingback: learn more here()

  • Pingback: find more()

  • Pingback: water ionizer plans()

  • Pingback: car parking()

  • Pingback: pay per day loan plans()

  • Pingback: pay per day loans plan()

  • Pingback: alkaline water benefits()

  • Pingback: laan penge nu()

  • Pingback: fue()

  • Pingback: sms laan nu()

  • Pingback: car parking()

  • Pingback: tvpackages.net()

  • Pingback: kangen water()

  • Pingback: kangen water()

  • Pingback: water ionizer()

  • Pingback: water ionizer()

  • Pingback: watch movies online()

  • Pingback: streaming movies()

  • Pingback: watch free movies online()

  • Pingback: watch movies online()

  • Pingback: Blue Coaster33()

  • a.gader

    many thanks …

  • Husna

    I was on this for nearly a week, and finally the method solved it. Can you please provide an updated link to the article that explains the solution in more detail or if you can explain what the method is doing it would be highly useful.

  • Jeewantha

    Excellent post as always! Thank you very much!

  • Siddharth

    Your tutorials are the simplest, the best, the easiest to implement and understand and last but not the least THE AWESOMEST!!!

  • Edi

    Great article, I wish I would start the search here :). My problem was that I tried to load a JavaFX WebEngine to ‘https://localhost/…’ and may server had a self-signed certificate. Adding the static part in the Controller class fixed my problem.

    Thank you.

  • Pingback: Deploy JAX-WS web services on Tomcat + SSL connection()

  • Nico

    awesome, didn’t know about that. thanks!

  • haris

    hi bro,,

    thank you

    your answer perfect…

  • Jon Ander

    Thanks!! very useful

  • marsant

    hello,

    I configure a HTTPS webservice adding below constraings to the web.xml:

    <security-constraint>
            <web-resource-collection>
                <web-resource-name>Secure Area</web-resource-name>
                <url-pattern>/*
                </url-pattern>
                <http-method>POST</http-method>
            </web-resource-collection>
            <auth-constraint>
                <role-name>EMPLOYEE</role-name>
            </auth-constraint>
            <user-data-constraint>
                <transport-guarantee>CONFIDENTIAL</transport-guarantee>
            </user-data-constraint>
        </security-constraint>

    when I create a testClient and run it, Netbeans say me:
    Exception in thread “main” javax.xml.ws.WebServiceException: Cannot find ‘https://localhost:8181/Webservice/Service?wsdl’ wsdl. Place the resource correctly in the classpath.

    What could I do?
    Thanks in advance

    • ash

      hi.. did you manage to get around with this problem?

      I’m facing the same issue..

  • manish

    i ma getting

    java.net.UnknownServiceException: no content-type
    at java.net.URLConnection.getContentHandler(URLConnection.java:1209)
    at java.net.URLConnection.getContent(URLConnection.java:706)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:426)
    at MutualAuthenticationHTTP.doitAll(MutualAuthenticationHTTP.java:100)
    at MutualAuthenticationHTTP.main(MutualAuthenticationHTTP.java:75)

    pl help

  • Peter DeGregorio

    Hello, Thank you for posting this information. The article like appears to be broken or obsolete. This document http://docs.oracle.com/cd/E19159-01/820-1072/820-1072.pdf explains it on page 75 and may be what was originally pointed to.

  • Pingback: java.security.cert.CertificateException: No name matching localhost found()

  • Pingback: How to bypass certificate checking in a Java web service client()