When using the Apache HttpComponents HttpClient library (4.0.2) I'm having a problem where the certificate doesn't get validated properly. The certificate is valid for the domain name (let's call it example.com) however it's getting validated against the IP address instead:
hostname in certificate didn't match: <123.123.123.123> != <*.example.com>
My code for making the connection is:
HttpParams httpParams = new BasicHttpParams(); HttpConnectionParams.setConnectionTimeout(httpParams, 5000); HttpConnectionParams.setSoTimeout(httpParams, 5000); DefaultHttpClient httpClient = new DefaultHttpClient(httpParams); String url = "https://www.example.com"; HttpGet get = new HttpGet(url); HttpResponse httpResponse = httpClient.execute(get); String response = EntityUtils.toString(httpResponse.getEntity()).trim(); The certificate itself shows as valid when connecting through a web browser and is valid for the domain name I'm connecting to:
CN = *.example.com
The certificate is also added to the Java keystore (tested using regular HttpsURLConnection).
Any ideas why this code uses the IP address instead of the domain name?