Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-9139

SSLException in starting up a Locator

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      If you start up a locator using its host name, without a domain name, as a bind address you may get an SSLException in the form

      javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching hostname.domainname found
      

      The LocatorLauncher and InternalLocator throw away the bind address string and later do a reverse lookup to find the fully qualified hostname to use in endpoint identification matching. If the locator's own TLS certificate doesn't have the fully qualified name in it as a Subject Alternate Name the connection that the Locator makes to its own location service will fail.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            kaslami Kamilla Aslami
            bschuchardt Bruce J Schuchardt
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment