'jwt.verify.publickey.location property disable ssl hostname verify?
i set jwt.verify.publickey.location property in my properties:
mp.jwt.verify.publickey.location=https://userservice/.well-known/jwks.json mp.jwt.verify.issuer=TelCloud
and i'm use quarkus-smallrye-jwt, and it's version is 2.4.1.Final
but I've had such a mistake:
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching userservice found.
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.base/java.net.HttpURLConnection.getResponseCode(Unknown Source)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source)
at org.jose4j.http.Get.get(Get.java:80)
at org.jose4j.jwk.HttpsJwks.refresh(HttpsJwks.java:204)
at io.smallrye.jwt.auth.principal.AbstractKeyLocationResolver.isHttpsJwksInitialized(AbstractKeyLocationResolver.java:100)
at io.smallrye.jwt.auth.principal.KeyLocationResolver.initializeKeyContent(KeyLocationResolver.java:89)
at io.smallrye.jwt.auth.principal.KeyLocationResolver.(KeyLocationResolver.java:45)
... 81 more
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching userservice found.
at java.base/sun.security.util.HostnameChecker.matchDNS(Unknown Source)
at java.base/sun.security.util.HostnameChecker.match(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 103 more
so i want to diasble ssl hostname verify, who can help me?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|