Importing Self-signed Certificate Is Failing In API Platform Gateway Using SSLCertUtility (Doc ID 2500682.1)

Last updated on JANUARY 27, 2020

Applies to:

Symptoms

On : NA version, API Platforms Gateway

When attempting to import the Self-signed certificate in API Platform Gateway using SSLCertUtility,
the following error occurs.

ERROR
-----------------------
Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
  at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
  at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
  at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
  at sun.security.ssl.ClientHandshaker.serverCertificat


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Created Self-signed SSL Certificate using keytool (java)
  $JAVA_HOME/jre/bin/keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks \
  -storepass xxxx -validity 360 -keysize 2048 -keypass xxxx

  keytool -list -v -keystore keystore.jks -storepass password1
  Keystore type: jks
  Keystore provider: SUN
  Your keystore contains 1 entry
  Alias name: selfsigned
  Creation date: Jan 12, 2019
  Entry type: PrivateKeyEntry
  Certificate chain length: 1
  Certificate[1]:
  Owner: CN=*.mhaprojectvcn.oraclevcn.com, OU=Myorganizationalunit, O=Myorganization,
  L=Mycity, ST=Mystate, C=US
  Issuer: CN=*.mhaprojectvcn.oraclevcn.com, OU=Myorganizationalunit, O=Myorganization,
  L=Mycity, ST=Mystate, C=US

2. Importing the SS certificate using SSLCertUtility.
3. The error occurs: Failed with "Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.