Problem getting UMA PAT Token

By: Daniel Pimenta user 14 Jan 2024 at 2:35 a.m. CST

6 Responses
Daniel Pimenta gravatar
Hi, I have been trying to fix this issue in one of our Gluu instances. The problem seems to be related to a certificate, but i'm not sure which. Any guidance? Thank you. - Failed to check UMA PAT token status - UmaProtectionException: Failed to obtain valid UMA PAT token - SSLPeerUnverifiedException: Certificate for <lundclaai01.lux-naos.test> doesn't match any of the subject alternative names: [lundclaai01.lux-naos.test, *.lux-naos.test] ``` 2024-01-12 11:38:16,045 ERROR [qtp1590550415-17] [org.gluu.oxtrust.service.uma.BaseUmaProtectionService] (BaseUmaProtectionService.java:81) - Failed to check UMA PAT token status org.gluu.oxtrust.exception.UmaProtectionException: Failed to obtain valid UMA PAT token at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.retrievePatToken(BaseUmaProtectionService.java:123) ~[classes/:?] at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.getPatToken(BaseUmaProtectionService.java:65) ~[classes/:?] at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.isExistPatToken(BaseUmaProtectionService.java:79) ~[classes/:?] at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.isEnabledUmaAuthentication(BaseUmaProtectionService.java:74) ~[classes/:?] at org.gluu.oxtrust.service.uma.ScimUmaProtectionService.isEnabled(ScimUmaProtectionService.java:79) ~[classes/:?] at org.gluu.oxtrust.service.uma.ScimUmaProtectionService.processAuthorization(ScimUmaProtectionService.java:112) ~[classes/:?] at org.gluu.oxtrust.service.uma.ScimUmaProtectionService$Proxy$_$$_WeldClientProxy.processAuthorization(Unknown Source) ~[classes/:?] at org.gluu.oxtrust.service.filter.AuthorizationProcessingFilter.filter(AuthorizationProcessingFilter.java:82) ~[classes/:?] at org.gluu.oxtrust.service.filter.AuthorizationProcessingFilter$Proxy$_$$_WeldClientProxy.filter(Unknown Source) ~[classes/:?] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:311) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:367) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:339) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:312) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:441) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:231) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:137) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:361) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:140) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:217) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) ~[resteasy-jaxrs-3.5.1.Final.jar:3.5.1.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[servlet-api-3.1.jar:3.1.0] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:755) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226) ~[websocket-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:590) ~[jetty-security-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1607) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) ~[jetty-servlet-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1577) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.Server.handle(Server.java:500) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) ~[jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) [jetty-server-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [jetty-io-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) [jetty-util-9.4.26.v20200117.jar:9.4.26.v20200117] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_222] Caused by: javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:318) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:441) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at com.sun.proxy.$Proxy189.getMetadata(Unknown Source) ~[?:?] at org.gluu.oxtrust.ldap.service.AppInitializer.initUmaMetadataConfiguration(AppInitializer.java:452) ~[classes/:?] at sun.reflect.GeneratedMethodAccessor311.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.weld.injection.StaticMethodInjectionPoint.invoke(StaticMethodInjectionPoint.java:95) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.StaticMethodInjectionPoint.invoke(StaticMethodInjectionPoint.java:85) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.producer.ProducerMethodProducer.produce(ProducerMethodProducer.java:103) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.producer.AbstractMemberProducer.produce(AbstractMemberProducer.java:161) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:180) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.contexts.AbstractContext.get(AbstractContext.java:96) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:100) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstanceStrategy$ApplicationScopedContextualInstanceStrategy.get(ContextualInstanceStrategy.java:140) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:102) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.proxy.ProxyMethodHandler.getInstance(ProxyMethodHandler.java:131) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.gluu.oxauth.model.uma.UmaMetadata$Proxy$_$$_WeldClientProxy.getTokenEndpoint(Unknown Source) ~[oxauth-model-4.1.1.Final.jar:?] at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.retrievePatToken(BaseUmaProtectionService.java:115) ~[classes/:?] ... 59 more Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <lundclaai01.lux-naos.test> doesn't match any of the subject alternative names: [lundclaai01.lux-naos.test, *.lux-naos.test] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient-4.5.11.jar:4.5.11] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient-4.5.11.jar:4.5.11] at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:314) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:441) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76) ~[resteasy-client-3.5.1.Final.jar:3.5.1.Final] at com.sun.proxy.$Proxy189.getMetadata(Unknown Source) ~[?:?] at org.gluu.oxtrust.ldap.service.AppInitializer.initUmaMetadataConfiguration(AppInitializer.java:452) ~[classes/:?] at sun.reflect.GeneratedMethodAccessor311.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_222] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_222] at org.jboss.weld.injection.StaticMethodInjectionPoint.invoke(StaticMethodInjectionPoint.java:95) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.StaticMethodInjectionPoint.invoke(StaticMethodInjectionPoint.java:85) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.producer.ProducerMethodProducer.produce(ProducerMethodProducer.java:103) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.injection.producer.AbstractMemberProducer.produce(AbstractMemberProducer.java:161) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:180) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.contexts.AbstractContext.get(AbstractContext.java:96) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:100) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstanceStrategy$ApplicationScopedContextualInstanceStrategy.get(ContextualInstanceStrategy.java:140) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:102) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.jboss.weld.bean.proxy.ProxyMethodHandler.getInstance(ProxyMethodHandler.java:131) ~[weld-core-impl-3.1.2.Final.jar:3.1.2.Final] at org.gluu.oxauth.model.uma.UmaMetadata$Proxy$_$$_WeldClientProxy.getTokenEndpoint(Unknown Source) ~[oxauth-model-4.1.1.Final.jar:?] at org.gluu.oxtrust.service.uma.BaseUmaProtectionService.retrievePatToken(BaseUmaProtectionService.java:115) ~[classes/:?] ... 59 more 2024-01-12 11:38:16,055 INFO [qtp1590550415-17] [org.gluu.oxtrust.service.uma.ScimUmaProtectionService] (ScimUmaProtectionService.java:117) - Please activate UMA or test mode to protect your SCIM endpoints. Read the Gluu SCIM docs to learn more ```
Gluu 4.1.1 Rhel 8.4
closed

Answers

By Mohib Zico Account Admin 14 Jan 2024 at 9:15 p.m. CST

Copy
Mohib Zico gravatar
Hi, Most probably these issues are appearing when you are trying to use SCIM?

By Daniel Pimenta user 15 Jan 2024 at 3:47 a.m. CST

Copy
Daniel Pimenta gravatar
Yes exactly

By Daniel Pimenta user 16 Jan 2024 at 4:20 a.m. CST

Copy
Daniel Pimenta gravatar
@Mohib.Zico Any idea what the issue is? Seems related to a certificate but not sure which or how to fix

By Mohib Zico Account Admin 16 Jan 2024 at 6:37 a.m. CST

Copy
Mohib Zico gravatar
Yes. It means... Gluu Server's version and SCIM-client test suit is not syncing. There might be situation when you configure SCIM-client with wrong JKS. Make sure you use proper scim-rp.jks, scim rp client_id andscim rp client pass in maven project.

By Daniel Pimenta user 16 Jan 2024 at 10:11 a.m. CST

Copy
Daniel Pimenta gravatar
SCIM is called using my own client Where is scim-rp.jks applied? **Logs from my application:** INFO:root:Fetching User INUM for user admin... INFO:root:headers {'content-type': 'application/x-www-form-urlencoded', 'Authorization': 'Bearer 0'} INFO:root:url https://lundclaai01.lux-naos.test/identity/restv1/scim/v2/Users INFO:root:payload {'filter': 'userName eq "admin"'} INFO:root:Get User INUM reply code: 401 INFO:root:status: 401 INFO:root:Getting new UMA access token INFO:root:res.headers: {'Date': 'Tue, 16 Jan 2024 15:32:39 GMT', 'Server': 'Apache', 'X-Xss-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', 'Content-Type': 'application/scim+json;charset=utf-8', 'Content-Length': '22', 'Connection': 'close'} INFO:root:res msg: SCIM API not protected --- OxTrust has the error i've shown on previous message, which is caused by: javax.net.ssl.**SSLPeerUnverifiedException**: Certificate for <lundclaai01.lux-naos.test> doesn't match any of the subject alternative names: [lundclaai01.lux-naos.test, *.lux-naos.test] So fixing this SSLPeerUnverifiedException should fix the issue. But i dont understand what's causing it or how it can be fixed.

By Daniel Pimenta user 16 Jan 2024 at 10:25 a.m. CST

Copy
Daniel Pimenta gravatar
It could be a bug on HttpClient by Apache https://issues.apache.org/jira/browse/HTTPCLIENT-2060 Because hostname should match the certificate Common Name, or even any of both Subject Alternative Names. I'm looking into that

Post an answer