
No subject alternative DNS name matching www.billi

Posted 2019-06-11 15:22

Question:

I have an integration test suite for the www.billiving.com API. For that API, the call endpoint should be https://www.billiving.com.

My test suite works perfectly on Windows. However, when it is moved to Ubuntu 14.x it fails with the following exception. [1]

So I have written this code [2] to test it outside the test suite. It still fails with the same exception.

So I tried to import the billiving.com certificate into a JKS, but it still fails with the same exception.

I know that as a solution we can override the verify method in the Verifier class and return true, but I need a proper solution as this can lead to security issues.

1) Why does this error occur, and why only on Linux?

2) How can we solve this with a proper solution?

API URL: https://www.billiving.com/

[1] exception:

>     javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching www.billiving.com found.
>         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
>         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
>         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
>         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
>         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
>         at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
>         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
>         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
>         at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
>         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
>         at Application.main(Application.java:20)
>     Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching www.billiving.com found.
>         at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:193)
>         at sun.security.util.HostnameChecker.match(HostnameChecker.java:77)
>         at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:264)
>         at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:250)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188)

[2] sample code :

import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;

public class Application {

    public static void main(String[] args) {
        try {
            // The URL to test is passed as the first command-line argument.
            URL url = new URL(args[0]);

            HttpURLConnection connection = (HttpURLConnection) url.openConnection();
            connection.setInstanceFollowRedirects(false);
            connection.setRequestMethod("GET");

            // getResponseCode() triggers the TLS handshake for https URLs.
            if (connection.getResponseCode() >= 400) {
                System.out.println("ERROR " + connection.getResponseCode());
            } else {
                System.out.println("Success");
            }

            System.out.println("Connection Created");
        } catch (MalformedURLException e) {
            e.printStackTrace();
        } catch (Exception e) {
            // The SSLHandshakeException from [1] is reported here.
            e.printStackTrace();
        }
    }
}

Command to run the above code:

java Application https://www.billiving.com

Answer 1:

The real certificate of this site has the correct host name. But you get this certificate only if you are using SNI (Server Name Indication). Older Java versions do not support SNI (should be supported since Java 7), so maybe you need to upgrade your unspecified version.
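
The mechanism the answer describes, as an added offline model that is not code from the original thread: a server that selects its certificate from the SNI value in the ClientHello, and a client that checks the DNS subjectAltName entries of whatever certificate it receives. The SAN lists, the default certificate's names and all class and method names are constructed for illustration; only the host name and the error text come from the question.

```java
import java.util.*;

// Added example: constructed model of SNI-based certificate selection and
// the client's subjectAltName check. All SAN lists below are hypothetical.
public class SniSanDemo {

    // Constructed server config: SNI name -> DNS SANs of the certificate served.
    static final Map<String, List<String>> CERTS_BY_SNI = new HashMap<String, List<String>>();
    // Constructed default certificate, served when no server_name extension is sent.
    static final List<String> DEFAULT_CERT =
            Arrays.asList("default.hosting.example", "*.hosting.example");
    static {
        CERTS_BY_SNI.put("www.billiving.com",
                Arrays.asList("www.billiving.com", "billiving.com"));
    }

    // Server side: pick a certificate from the SNI value (null means no SNI).
    static List<String> selectCertificate(String sni) {
        if (sni == null) return DEFAULT_CERT;
        List<String> sans = CERTS_BY_SNI.get(sni.toLowerCase(Locale.ROOT));
        return sans != null ? sans : DEFAULT_CERT;
    }

    // Client side: exact match, or a wildcard that is the whole leftmost
    // label and stands for exactly one label.
    static boolean sanMatches(String host, String pattern) {
        host = host.toLowerCase(Locale.ROOT);
        pattern = pattern.toLowerCase(Locale.ROOT);
        if (!pattern.startsWith("*.")) return host.equals(pattern);
        int dot = host.indexOf('.');
        return dot > 0 && host.substring(dot).equals(pattern.substring(1));
    }

    // Models one handshake and returns the outcome the client would see.
    static String connect(String host, boolean clientSendsSni) {
        List<String> sans = selectCertificate(clientSendsSni ? host : null);
        for (String san : sans) {
            if (sanMatches(host, san)) return "OK, matched SAN " + san;
        }
        return "No subject alternative DNS name matching " + host + " found.";
    }

    public static void main(String[] args) {
        String host = "www.billiving.com";
        System.out.println("with SNI:    " + connect(host, true));
        System.out.println("without SNI: " + connect(host, false));
    }
}
```

In the model the trust store plays no part in either outcome: the failure is a name mismatch on the default certificate, not a missing trust anchor.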