Java CertificateException “No subject alternative names matching IP address … found”

Question

I\'m trying to implement a selfsigned certificate into my webserver, and it\'s working already with firefox and chrome (both from the server itself and from a remote machine

Answer 1

The reason, we get above error is that CN(Common name) defined in your certificate is not matching with the domain the application is running on. For e.g, In your certificate, the CN name is defined as www.example.com or an IP but you may be running the application say a URL which is like http://localhost:8080/api

So to fix the above error simply use one of the below approaches

Run the application on the same ‘CN’, as defined in your certificates.

OR

Along with CN name you can add Subject alt names in your certificate, which is like adding more than one domain in the certificate. Link below describes the process of adding multiple domains(subject-alt-name) to jks file and also to a certificate.

Follow this link: Learn how to add subject alt names and resolve the above error