Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Hostname in certificate didn't match

Avatar

Level 3
Level 3
2/22/22 12:06:36 AM

Hi All,

 

I am using AEM 6.5. Recently I upgraded the service package from 6.5.7 to the 6.5.11. The I find my Dispatcher Flush can't work anymore. I have two apache server apache1 and apache2, so I configured two dispatcher flush.

 In the 6.5.7, the dispatcher flush was woring. But in the 6.5.11, both of them are not working anymore and I am seeing follow error message. 

 

Error while sending request: javax.net.ssl.SSLException: hostname in certificate didn't match:

<apache1> != </demo1.com/demo2.com> 

<apache2> != </demo1.com/demo2.com>

ForrestLi_0-1645517046801.png

Does anyone know how to fix it?

 

Thanks,

Forrest

Views

1.8K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 3
Level 3
2/22/22 2:19:34 AM

Hi @ForrestLi 

 

Hostname matching is done according to how the client identifies the host it's trying to access. If it's trying to access https://localhost/, then the certificate must be valid for localhost. If it's trying to access https://something-else.example, then the certificate must be valid for something-else.example, even if localhost and something-else.example are one and the same machine.

 

You can use the below steps to diagnose and confirm the issue:

  • Check the Server’s Fully Qualified Domain Name and make sure this matches with the URL configured on the Certificate.
  • Check the CN and DNSName from the output of the command below:
keytool -list -v -keystore <keystore-directory>/.keystore

 

 

 

View solution in original post

Views

1.8K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Level 3
Level 3
2/22/22 2:19:34 AM

Hi @ForrestLi 

 

Hostname matching is done according to how the client identifies the host it's trying to access. If it's trying to access https://localhost/, then the certificate must be valid for localhost. If it's trying to access https://something-else.example, then the certificate must be valid for something-else.example, even if localhost and something-else.example are one and the same machine.

 

You can use the below steps to diagnose and confirm the issue:

  • Check the Server’s Fully Qualified Domain Name and make sure this matches with the URL configured on the Certificate.
  • Check the CN and DNSName from the output of the command below:
keytool -list -v -keystore <keystore-directory>/.keystore

 

 

 

Views

1.8K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 3
Level 3
2/28/22 7:16:54 PM
In response to Rajalakshmi

I am not install any keystore file in the AEM. For now, I know service package 6.5.11 caue the issue, but I don't know how to fix it.

Views

1.8K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
How to obtain list of child components models in parent component sling model?

Views

118

Likes

0

Replies

5
Filters in AEM Collections

Views

62

Likes

0

Replies

0
What does the async state "temp-async" indicate in a merged custom index? Help finding documentation on this.

Views

132

Likes

0

Replies

5
Unable to Mock request in slingModel

Views

96

Likes

0

Replies

3
Add custom styles to the tables in rte aemaacs

Views

72

Likes

0

Replies

1