+ Start a Discussion
AkoAko 

java error when attempting apex call to https site

I am having an issue with some Apex code for a managed package I maintain. It uses an HTTPRequest to send messages to a user configured external site.
One of our customers has a site with SSL and our messages are getting an apex error.
The error is:
---
System.CalloutException: java.security.cert.CertificateException: No subject alternative DNS name matching connect.maximizedliving.com found.
----

From what I've read in forums it is because Salesforce does not support SNI (server name indication). To get around this, the customer's host put their site on a unique IP address, rather than the shared IP it was on. However, the error is still occurring.


To reproduce the error, I used this code in the Developer Console:
---
HttpRequest httpReq = new HttpRequest();
Http httpObj = new Http();
HttpResponse httpResp = new HttpResponse();

httpReq.setEndPoint('https://customersUrlGoesHere.com');
httpReq.setMethod('GET');
httpResp = httpObj.send(httpReq);

return 1;
---

I don't know why the error is still happening as everything with the certificate seems correct to me. Can you help me figure out why it's still causing this java error?
It is a showstopper with our integration right now.
ShashForceShashForce
This could be an issue with the Certificate of the Endpoint site. Please check with them if their certificate has wildcard characters (*) in the "Subject Alternative Names", which might be causing this.
AkoAko
When I view the certificate in Chrome, it can see the 2 "DNS Name" values under "Subject Alternative Name".  There are no wildcards.
There are 2 listed in the form "connect.customersite.com" and "www.connect.customersite.com".

We have our own test site which has SANs formatted the same way, and that site works fine with Salesforce. Is there something else that could be causing this Javascript error?

If it helps, the specific URL with SSL that I am testing is at this url: https://connect.maximizedliving.com