【cas、tomcat】HTTP Status 500 - javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExc

最新推荐文章于 2024-07-04 16:25:13 发布

Aldom

最新推荐文章于 2024-07-04 16:25:13 发布

阅读量2.7k

点赞数 1

CC 4.0 BY-SA版权

分类专栏： cas tomcat

本文链接：https://blog.youkuaiyun.com/MichaelJY1991/article/details/50440737

cas 同时被 2 个专栏收录

5 篇文章

订阅专栏

tomcat

4 篇文章

订阅专栏

本文记录了一次因证书名称与域名不匹配导致的SSLHandshakeException异常，并提供了详细的异常堆栈信息。通过分析发现，问题根源在于证书生成时所用名称与实际域名不符，解决方案为重新生成与域名相匹配的证书。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

异常栈：

HTTP Status 500 - javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching www.mj.com found

type Exception report

message javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching www.mj.com found

description The server encountered an internal error that prevented it from fulfilling this request.

exception

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching www.mj.com found
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

root cause

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching www.mj.com found
	sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
	sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
	sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

root cause

java.security.cert.CertificateException: No name matching www.mj.com found
	sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:221)
	sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
	sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
	sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
	sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

note The full stack trace of the root cause is available in the Apache Tomcat/7.0.65 logs.