We have used wso2 esb (version 4.0.3) for exposing our webservice. Our webservice is added as a proxy service using the admin console in the wso2. We want to expose/consume our webservice only though the https. After generating the stub we have done the following

1. Create a jks file using the java keytool.
2. Exported the wso2 certificate and imported in the the jks file.
3. Added the following in the code while calling the webservice.

System.setProperty("javax.net.ssl.trustStore", "filename"); System.setProperty("javax.net.ssl.trustStorePassword", "password");

After doing all these when we try to call the webservice from the java code, it only works when the url is given with localhost. It doesnt work with the 127.0.0.1 or the machine IP address, even though we have proper mapping in the host file. While using the ip address we get the error as javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present. This error comes because the default certificate provided by wso2 has "localhost" as common name. We can get rid of this issue by adding the following piece of code

 HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
          public boolean verify(String string, SSLSession ssls) {
                          return true;
          }});

But this may create security issues. Please suggest us how to resolve this issue.

This error rise when the host name doesn't match the CN of the certificate. I can provide you two solutions.

• If you only need to access the service with the IP address, then simply generate a certificate having the correct IP address as the value for the CN value of the servers certificate. Java Keytool can be used.
• If you want to use both the IP address and host name to address the service, generate a certificate containing Subject Alternative Names (SAN). Java Keytool ship with Java 7 is capable of generating certificates with SAN. Otherwise use any other tool such as OpenSSL or use a certificate issued by a CA with SAN.