Class MismatchedHostnameException

  • All Implemented Interfaces:
    Serializable

    public final class MismatchedHostnameException
    extends SSLException
    Represents an exception caused by an SSL certificate whose hostname does not match the common name or any of the subject alternative domain names specified in the certificate. This usually is indicative of a man in the middle attack, but in the cases of self signed certificate, may just be the result of incorrect setup. In the latter case, the user will be allowed to trust it anyway. If, however, there is a mismatched hostname in an SSL certificate issued by a valid CA, then it is almost certainly a man in the middle attack, and it will be forced to fail for security reasons.
    Since:
    100.0.0
    See Also:
    Serialized Form
    • Constructor Detail

      • MismatchedHostnameException

        public MismatchedHostnameException​(String message,
                                           Throwable cause,
                                           X509Certificate cert,
                                           String hostname,
                                           boolean isSelfSigned)
        Creates a MismatchedHostnameException with the specified values. Specifically, the certificate, hostname, and self signed values are necessary for determining if and how an authentication challenge should be issued.
        Parameters:
        message - the message of the exception
        cause - the original cause of the exception
        cert - the certificate that was presented but did not match the hostname
        hostname - the hostname of the service
        isSelfSigned - true if the certificate is self signed (the only allowable situation to be handled. Non self signed certificates with mismatched hostname will NOT go through the AuthenticationChallengeHandler).
        Since:
        100.0.0
    • Method Detail

      • getCertificate

        public X509Certificate getCertificate()
        Gets the certificate that was presented but did not match the hostname.
        Returns:
        the certificate that was presented
        Since:
        100.0.0
      • getHostname

        public String getHostname()
        Gets the hostname of the service that presented the certificate.
        Returns:
        the hostname of the service
        Since:
        100.0.0
      • isSelfSigned

        public boolean isSelfSigned()
        Checks if the certificate that was presented is self signed. If it was, then the user will be allowed to override the trust for it. If it was signed by a valid CA, the user will not be allowed to handle it and it will throw the original exception.
        Returns:
        true if the certificate presented was self signed, otherwise false
        Since:
        100.0.0