Certification exception- No subject alternative DNS name matching solace found
i have A service running on AWS ECS cluster that connects to Solace broker instance, it’s been working for last few years but suddenly from past few days it’s giving error like “ Client-1: Connection attempt to host ‘solace’ ConnectException com.solace systems.jcsmp.JCSMPTransportException: CertificateException - No subject alternative DNS name matching solace found”
this issue does not arrive when we disable property SSL_VALIDATE_CERTIFICATE to false…
but we want to verify that as we did earlier…
please suggest any solution…
Answers
-
Hi @dam_player
I read your error like this:
Your application tries to connect to a host "solace", but in the TLS server certificate on broker side, there is no SAN (subject alternative name) "solace" found.
You could check details of your tls server certificate with:
openssl s_client -connect solace:55443
(replace solace with name or IP of your broker and 55443 with your messaging port)
Have a look here: https://solace.community/discussion/510/how-to-test-tls-connection-and-server-certificate#latest for details.
Uli
1
