ssl - How to bypass CertificateException by Java?

Question

I am trying to send a request to a server but it runs into following error, as I know should create a certificate but not sure how to do it. I've found this answer but could not implement it.

java.security.cert.CertificateException: No subject alternative DNS name matching www.example.com found.

Code

        URL url = new URL("https://www.example.com:1897/services/myservice");

        HttpsURLConnection con = (HttpsURLConnection) url.openConnection();

        con.setRequestMethod("POST");
        con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        con.setDoOutput(true);
        con.setDoInput(true);

        OutputStream os = con.getOutputStream();
        m.marshal(auth, os);
        m.marshal(auth, System.out);

        os.flush();
        con.getResponseCode();

Answer 1

The server might be using a certificate that lacks the proper extensions. You can either disable host name verification (which creates a security problem), or install a proper certificate on the server (which might be difficult if it's not your server).

More specifically, I'd guess that either the server certificate contains a Subject Alternative Name extension, but that extension doesn't contain the host name of the server, or there is no SAN extension and the Common Name attribute of the Subject Name doesn't match the server. In either case, the solution would be to get a certificate with the correct server host name in the SAN extension.