When TLS is used (not StartTLS) on port 465, the HostnameVerifier is checking for the ip address, not the hostname. This results in a failure on each connection.