java.io.IOException: HTTPS hostname wrong: should be

By: Ramlak  

java.io.IOException: HTTPS hostname wrong: should be

This error occurs when you are trying to access a HTTPS url. You might have already installed the server certificate to your JRE's keystore. But this error means that the name of the server certificate does not match with the actual domain name of the server that is mentioned in the URL. This normally happens when you are using a non CA issued certificate.

But of course you can overcome this problem by instructing the JRE to trust all certificates and to ignore the mis match in the domain name and the certificate issuer. Here is the snippet of code that can be used to achieve this.

This is not the complete class. But I have provided the complete code that is functional. You just have to copy the entire code below add it to any of your class and then call the subscribe function from anywhere you want. 

public String subscribe(String dist,String userid,String password,
	String email,String name,String expirydate) throws Exception{
        String resp = "";
        String urlString="https://<secureserver>/";
        URL url;
        URLConnection urlConn;
        DataOutputStream printout;
        DataInputStream input;
        String str = "";
        int flag=1;
        
        try {
            Properties sysProperties = System.getProperties();
	   // change proxy settings if required and enable the below lines
           // sysProperties.put("proxyHost", "proxy.starhub.net.sg");
           // sysProperties.put("proxyPort", "8080");
           // sysProperties.put("proxySet",  "true");
// Now you are telling the JRE to ignore the hostname
               HostnameVerifier hv = new HostnameVerifier()
    {
        public boolean verify(String urlHostName, SSLSession session)
        {
            System.out.println("Warning: URL Host: " + urlHostName + " vs. "
                    + session.getPeerHost());
            return true;
        }
    };
           // Now you are telling the JRE to trust any https server. 
           // If you know the URL that you are connecting to then this should not be a problem
            trustAllHttpsCertificates();
             HttpsURLConnection.setDefaultHostnameVerifier(hv);
    
            url = new URL(urlString);
            urlConn = url.openConnection();
            urlConn.setDoInput(true);
            Object object;
            urlConn.setUseCaches(false);
            
            urlConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            input = new DataInputStream(urlConn.getInputStream());
            
            while (null != ((str = input.readLine()))){
                if (str.length() >0){
                    str = str.trim();
                    if(!str.equals("")){
                        //System.out.println(str);
                        resp += str;
                    }
                }
            }
            input.close();
        }catch(MalformedURLException mue){ mue.printStackTrace();}
        catch(IOException ioe){ ioe.printStackTrace();}
        
        return resp;
    }
// Just add these two functions in your program 
    public static class miTM implements javax.net.ssl.TrustManager,
            javax.net.ssl.X509TrustManager
    {
        public java.security.cert.X509Certificate[] getAcceptedIssuers()
        {
            return null;
        }
 
        public boolean isServerTrusted(
                java.security.cert.X509Certificate[] certs)
        {
            return true;
        }
 
        public boolean isClientTrusted(
                java.security.cert.X509Certificate[] certs)
        {
            return true;
        }
 
        public void checkServerTrusted(
                java.security.cert.X509Certificate[] certs, String authType)
                throws java.security.cert.CertificateException
        {
            return;
        }
 
        public void checkClientTrusted(
                java.security.cert.X509Certificate[] certs, String authType)
                throws java.security.cert.CertificateException
        {
            return;
        }
    }

 
    private static void trustAllHttpsCertificates() throws Exception
    {
 
        //  Create a trust manager that does not validate certificate chains:
 
        javax.net.ssl.TrustManager[] trustAllCerts =
 
        new javax.net.ssl.TrustManager[1];
 
        javax.net.ssl.TrustManager tm = new miTM();
 
        trustAllCerts[0] = tm;
 
        javax.net.ssl.SSLContext sc =
 
        javax.net.ssl.SSLContext.getInstance("SSL");
 
        sc.init(null, trustAllCerts, null);
 
        javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
 
        sc.getSocketFactory());
 
    }

 If you are not able to compile it is probably due to import issues. 
So see if these are imported in your class.
import java.security.Security;
import java.security.Provider;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import javax.net.ssl.*;



Archived Comments

1. Wow, awesome blog layout! How long have you been blogging for?
you made blogging look easy. T

View Tutorial          By: captcha solver at 2017-08-13 10:15:06

2. Awesome work man! Saved my day.
View Tutorial          By: vunnikri at 2016-03-23 09:54:28

3. Somebody solved this without disabling security?
View Tutorial          By: brian at 2015-11-02 11:56:42

4. A Java application of mine spewed-forth this message after I updated my SSL certs. Turns out that th
View Tutorial          By: DocDawning at 2015-06-03 00:01:42

5. Excellent work mate! works like a charm! Lifesaver!
View Tutorial          By: jmcg at 2015-01-29 02:31:56

6. Hi it is working fine .but when my server we implemented SSO so each time it is going to login page
View Tutorial          By: mohan at 2014-11-28 10:57:22

7. Very good
View Tutorial          By: dizh at 2014-02-21 07:48:19

8. Turning off hostname checking also turns off all security. Yes you are still making an SSL/TLS conn
View Tutorial          By: eric at 2014-01-30 18:09:05

9. It looks like this .net component can verify email addresses:
http://www.kellermansoftware.co

View Tutorial          By: asava samuel at 2013-03-21 21:37:00

10. It looks like this .net component can verify email addresses:
http://www.kellermansoftware.co

View Tutorial          By: asava samuel at 2013-03-21 21:36:15

11. It looks like this .net component can verify email addresses:
http://www.kellermansoftware.co

View Tutorial          By: asava samuel at 2013-03-21 21:35:32

12. Thanks, it was helpful.
View Tutorial          By: Alex at 2013-03-14 19:26:51

13. Thanks a lot, a long time I search for solution for this problem. Just a comment, for me dont work &
View Tutorial          By: Jonhnes at 2013-02-16 17:17:47

14. can you plase give an exmple of what should i put in the function when i call here
subscribe(

View Tutorial          By: Or at 2013-02-16 11:32:17

15. Thanks for a great post. Solved a problem for me in communicating over SSL with a known server IP. O
View Tutorial          By: Mark at 2013-01-08 07:00:47

16. had the sample problem.. java.io.IOException: HTTPS hostname wrong: should be <server_ip>

View Tutorial          By: java at 2012-08-22 09:39:57

17. Hey Thanks a lot for now this has solved my long standing problem. But will come back to you once wh
View Tutorial          By: Daniel at 2012-08-10 07:01:11

18. Hi,

can we use only code given below :

HostnameVerifier hv = new Hostn

View Tutorial          By: Mahendra at 2012-05-24 10:57:25

19. Thanks, Its working great....
View Tutorial          By: RKay at 2012-05-09 07:06:16

20. Thank you very much, I worked a great.
Muchas gracias... Me funcionó de maravill

View Tutorial          By: Veronica at 2012-04-04 16:05:31

21. Thanks a lot for this great post.
View Tutorial          By: Ram Para at 2012-03-23 17:07:09

22. I tried this with HttpUnit (using the custom HostnameVerifier and trustAllSecurityCertificates) and
View Tutorial          By: Michael Gower at 2012-01-04 17:40:00

23. Thanks lot.Its working good...... thanks lot lot...
View Tutorial          By: Mohanraj at 2011-12-07 05:23:26

24. can you provide the full class from start to begin !
View Tutorial          By: mohit at 2011-12-01 09:56:22

25. thanks a lot.i've solved this problem with your suggestions.
View Tutorial          By: baran at 2011-10-13 06:46:56

26. Would u please provide me with a solution about how to implement a TrustManager or its equivalent cl
View Tutorial          By: milan at 2011-02-17 05:39:38

27. Thanks alot.....
View Tutorial          By: Fahiz at 2010-09-01 02:06:30

28. hi ,
i tried the code given, the connection itself not established it throws connetion tim

View Tutorial          By: barani at 2010-05-27 05:32:11

29. Thanks a lot. It solved my problem in a second.
View Tutorial          By: Suddy at 2010-03-25 14:56:10

30. Many thanks. I had that problem and your code solved it perfectly.
View Tutorial          By: Gianni at 2009-05-06 10:02:14

31. this code is not working .i have done all things like u.
but still getting HTTPS HostName Wr

View Tutorial          By: sudeep at 2009-03-25 07:15:13


Most Viewed Articles (in Java )

Latest Articles (in Java)

Comment on this tutorial