This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL Certificate Mismatch on server

jamesv
New Contributor II

‎11-09-2018 02:28 PM

I’m working on building out some new deployments of Snaplogic hosts and I am experiencing very strange SSL Certificate Mismatch errors.

An example error:

Unable to connect to neighbor after 15076875ns: https://ip-10-16-9-21:8081","exc":"javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate mismatch, expecting b27564cdd9d8a212b855251f705d09f91e40bfa3; server returned: 9d77f1e79a39bbdc2a77a1aac8356027e42b3a9c

However, if I get the fingerprint of the cert using openssl:

[snapuser@ip-10-16-9-15 etl-scripts]$ openssl s_client -connect ip-10-16-9-21:8081  | openssl x509 -noout -fingerprint
depth=0 C = Unknown, ST = Unknown, L = Unknown, O = Unknown, OU = CC, CN = ip-10-16-9-21
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = Unknown, ST = Unknown, L = Unknown, O = Unknown, OU = CC, CN = ip-10-16-9-21
verify error:num=21:unable to verify the first certificate
verify return:1
SHA1 Fingerprint=B2:75:64:CD:D9:D8:A2:12:B8:55:25:1F:70:5D:09:F9:1E:40:BF:A3

It looks like Snaplogic is returning the local server’s cert fingerprint for the check, but openssl seems to pull it just fine.

Any tips?

Labels:
0 Kudos
Reply
1 REPLY 1

boverton
New Contributor

‎09-15-2020 06:48 AM

Looks like this went unanswered. I am running into this issue now. How do we solve this cert issue?

0 Kudos
Reply