Class MismatchedHostnameException

All Implemented Interfaces:
Serializable

public final class MismatchedHostnameException extends SSLException
Represents an exception caused by an SSL certificate whose hostname does not match the common name or any of the subject alternative domain names specified in the certificate. This usually is indicative of a man in the middle attack, but in the cases of self signed certificate, may just be the result of incorrect setup. In the latter case, the user will be allowed to trust it anyway. If, however, there is a mismatched hostname in an SSL certificate issued by a valid CA, then it is almost certainly a man in the middle attack, and it will be forced to fail for security reasons.
Since:
100.0.0
See Also:
  • Constructor Details

    • MismatchedHostnameException

      public MismatchedHostnameException(String message, Throwable cause, X509Certificate cert, String hostname, boolean isSelfSigned)
      Creates a MismatchedHostnameException with the specified values. Specifically, the certificate, hostname, and self signed values are necessary for determining if and how an authentication challenge should be issued.
      Parameters:
      message - the message of the exception
      cause - the original cause of the exception
      cert - the certificate that was presented but did not match the hostname
      hostname - the hostname of the service
      isSelfSigned - true if the certificate is self signed (the only allowable situation to be handled. Non self signed certificates with mismatched hostname will NOT go through the AuthenticationChallengeHandler).
      Since:
      100.0.0
  • Method Details

    • getCertificate

      public X509Certificate getCertificate()
      Gets the certificate that was presented but did not match the hostname.
      Returns:
      the certificate that was presented
      Since:
      100.0.0
    • getHostname

      public String getHostname()
      Gets the hostname of the service that presented the certificate.
      Returns:
      the hostname of the service
      Since:
      100.0.0
    • isSelfSigned

      public boolean isSelfSigned()
      Checks if the certificate that was presented is self signed. If it was, then the user will be allowed to override the trust for it. If it was signed by a valid CA, the user will not be allowed to handle it and it will throw the original exception.
      Returns:
      true if the certificate presented was self signed, otherwise false
      Since:
      100.0.0