My Oracle Support Banner

Failed hostname verification check when using SSL Certificates with Wildcards in WebLogic Server (Doc ID 1377479.1)

Last updated on JANUARY 30, 2020

Applies to:

Oracle WebLogic Server - Version 9.2 to 10.3.5
Information in this document applies to any platform.

Symptoms

 When using SSL Certificates with Wild Cards in WebLogic Server from weblogic 9.2 to 10.3.5. as below

CN=*.<Fully-Qualified-Domain-Name>

you can see the following error:

Caused by: javax.net.ssl.SSLKeyException: [Security:090504]Certificate chain received from <HOSTNAME> - <IP> failed hostname verification check. Certificate contained *.us.oracle.com but check expected <HOSTNAME>

 

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
 Disable the Default BEA hostname verifier in WLS
 Write a custom hostname verifier and configure it with WLS
 For some WLS versions there is also patch for <Bug 10215257> available for download
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.