SSLHandshakeException occured!!

[kepricon]

Hi guys~

I have a problem while developing C2DM app.

My app server tried to send some messages to Google's C2DM server.

When i send messages, my code makes SSLHandshakeException.

How can i solve this problem.

error msg :

javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No subject alternative DNS
name matching android.apis.google.com found.
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
Source)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)
at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
Source)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
Source)
at Soket.com.C2DMSender.main(C2DMSender.java:123)
Caused by: java.security.cert.CertificateException: No subject
alternative DNS name matching android.apis.google.com found.
at sun.security.util.HostnameChecker.matchDNS(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
... 13 more

[Xinwei Yi]

hi,have you registered your app before?

2010/8/6 kepricon <kepr...@gmail.com>

--
Best regards,

--Xinwei

[kepricon]

Hi

yeah, i'v registered my app.

On 8월6일, 오후6시41분, Xinwei Yi <xinwei...@gmail.com> wrote:
> hi,have you registered your app before?
>

> 2010/8/6 kepricon <kepri...@gmail.com>

[Augusto Ferrarini]

You may need to set the default hostname verifier to a custom one on
HttpsURLConnection:

private static class FakeHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}

then:
HttpsURLConnection.setDefaultHostnameVerifier(new FakeHostnameVerifier
());

- Augusto

[Costin Manolache]

Yes - fake or use the HostnameVerifier from android. 

The cert is for *.apis.google.com - curl and Dalvik ( and harmony ) are accepting it, but I think JSSE/JDK is not. 

Costin

[kepricon]

thx Augusto

i added your code to my app. but, i couldn't solve the problem i
mentioned above.

My program makes same exception msg.

I think i need the cert for *.apis.google.com.

so i can find out how to solve this problem from now on.

anyway Thanks a lot.

Best regards.

-kepricon

[Costin Manolache]

On Sun, Aug 8, 2010 at 6:29 PM, kepricon <kepr...@gmail.com> wrote:

thx Augusto

i added your code to my app. but, i couldn't solve the problem i
mentioned above.

My program makes same exception msg.

Same exception ? Are you sure you set the Fake hostname verifier before making the url connection ?

I'm pretty sure the Fake will work - I'll send some example of using the android verifier after I get back

from vacation.

Costin