arundhaj

regression towards the datascience

SSLProtocolException handshake alert

 

I was getting the below mentioned exception on my Java client which is trying to establish URL connection to a server.

javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

The Java client was actually trying to get an XML from the the URL and store it locally in a file as;

org.apache.commons.io.FileUtils.copyURLToFile(serverURL, "localFileName.xml");

It turns out that the server when using multiple hostnames behind a shared IP, it doesn't know what certificate to send. Hence the client expecting a valid certificate fails with SSLProtocolException.

For apache, adding ServerName and ServerAlias to the config would sort out the issue.

<VirtualHost mydomain.com:443>
   ServerName mydomain.com
   ServerAlias www.mydomain.com

If it is a 3rd party server and don't have control, it could even be solved from the client side too. Setting the following system property in your application would do the trick.

System.setProperty("jsse.enableSNIExtension", "false");

Disabling it from the client wouldn't necessarily compromise the security of the application.

More discussion about this issue in StackOverFlow

Comments