Knowledgebase:
LDAP error javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address
Posted by John Villanueva on 18 August 2020 10:43 PM

If you encounter LDAP issues after upgrading to Java 8 Update 181 and come across an error that says something like:

javax.net.ssl.SSLHandshakeException: ...

java.security.cert.CertificateException: No subject alternative names matching IP address,

Try adding this line to the server.vmoptions file in the JSCAPE MFT Server installation directory:

-Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true

So, for example, if your server.vmoptions file contains the following lines, 

-Xmx1024m
-Dorg.apache.jasper.compiler.disablejsr199=true
-XX:MaxPermSize=512m
-XX:+UseConcMarkSweepGC
-XX:+ExplicitGCInvokesConcurrent

then you may modify it likeso;

-Xmx1024m
-Dorg.apache.jasper.compiler.disablejsr199=true
-Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true
-XX:MaxPermSize=512m
-XX:+UseConcMarkSweepGC
-XX:+ExplicitGCInvokesConcurrent

After saving the changes, restart JSCAPE MFT Server and then test the LDAP server again to see if it works.

For more details, read this article:

https://www.ibm.com/support/pages/how-resolve-ldap-error-javaxnetsslsslhandshakeexception-javasecuritycertcertificateexception-no-subject-alternative-dns-name-matching-ip-address-foundf

(1 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako jscape.kayako.com