Menu
curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 90d2c018-73d1-324b-b121-a162cf870ac0' 'https://172.17.0.1:8243/V1.0.2/stock/getNA?name=te'
The terminal prompted
"curl: (51) SSL: certificate subject name (localhost) does not match target host name '172.17.0.1' "
However, after I changed the "172.17.0.1" to "localhost", it worked and I got the result.
Why? Is there a wrong configuration somewhere? Meanwhile, there isn't any log information in file http_access.log.
693
This problem can be fixed by simply removing the erroneous certificate from the server and replacing it with the correct certificate file.
If the certificate is issued for a hostname other than the one used or if the certificate cannot be authenticated (for example if it's self-signed and you don't trust the CA), then it will fail with the error "hostname does not match the server certificate".
The certificate is valid only if the request hostname matches the certificate common name. Most web browsers display a warning message when connecting to an address that does not match the common name in the certificate.
The subject distinguished name is the name of the user of the certificate. The distinguished name for the certificate is a textual representation of the subject or issuer of the certificate.
When SSL handshake happens client will verify the server certificate. In the verification process client will try to match the Common Name (CN) of certificate with the domain name in the URL. if both are different host name verification will fail. In your case certificate has CN as local host and when you try to invoke using IP address, it fails. When you create the cert you can have single host name / multiple host name / wild card host name as CN value
For more details, see:
159
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
