How to resolve the LDAP error "java.security.cert.CertificateException: No subject alternative DNS name matching ip address found"

Troubleshooting

Problem

After the upgrade to Java^(TM) 8 Update 181, you may encounter the Lightweight Directory Access Protocol (LDAP) error javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching ip address found.

This is because the endpoint identification algorithms have been enabled by default to improve the robustness of LDAPS (secure LDAP over Transport Layer Security (TLS) ) connections. There may be situations where some applications that were previously able to successfully connect to an LDAPS server may no longer be able to do so.

Symptom

While connecting to a LDAPS server, the error:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching ip address found.

is issued in situations where applications were previously able to successfully connect to an LDAPS server.

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS4GSP","label":"IBM UrbanCode Deploy"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Tips

How to resolve the LDAP error "java.security.cert.CertificateException: No subject alternative DNS name matching ip address found"

Troubleshooting

Problem

Symptom

Log InLog in to view more of this document

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?