0

I am trying to implement ActiveMQ ssl connection with server authentication.

When I try to connect I get :

Server Certificate name doesn't not match the uri host name value

According to ActiveMQ documentation :

You should note that in order to validate that the certificate that the broker sends is the one we want we must validate the "Common Name (CN)" field from the certificate against the host-name in the URI. If you have trouble connecting to the broker one of the first things to check it if your host-name matches the broker certificate common name.

My problem is that my server can have multiple names which are specified in the SubjectAlternativeName.

Can i change the ActiveMQ server certificate validation to ignore the CN? or to serarch also in the SubjectAlternativeName section?

gtonic
  • 2,295
  • 1
  • 24
  • 32
Saar peer
  • 817
  • 6
  • 21
  • I think you have two issues in hand. First fix the certificate to use the right host name or use the uri matching the host name of the certificate and then you can verify whether the alternate names are working or it. As per standard the common name is ignored when you have alternate names. – s7vr Sep 28 '16 at 16:57
  • I tried that the common name is not ignored. – Saar peer Sep 29 '16 at 06:27
  • can you show me the code that you have tried ? If yes what is the error you are getting ? – s7vr Sep 29 '16 at 08:14

0 Answers0