javax.net.ssl.SSLPeerUnverifiedException: Hostname not verified:

Question

I am trying to use HTTPS connection with self-signed certificate.
I have followed steps of creating self-signed certificate as mentioned here - Creating Sel

Answer 1

Interestingly, if the request host is an IP, "CN" is not used to match it; instead,

http://tools.ietf.org/html/rfc2818#section-3.1

the iPAddress subjectAltName must be present in the certificate and must exactly match the IP in the URI"

If you use java's keytool, it can be done by

keytool -genkeypair  -ext SAN=IP:195.xx.xx.xx    ........

---

NullHostNameVerifier is also ok for you use case. You client is trusting only one certificate; as long as the connection uses that certificate, you are secure; host name doesn't matter here.