Hostname in certificate didn't match
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
Confluence with SSL doesn’t work properly due to the domain from SSL Certificate doesn’t match with the requesting name.
The following appears in the atlassian-confluence.log.
1
2
3
4
5
2015-03-04 10:09:07,312 ERROR [http-8190-2] [renderer.internal.http.HttpClientFetcher] fetch Unable to retrieve response
-- url: /plugins/macrobrowser/browse-macros.action | userName: testuser | referer: https://confluence.test1.com/pages/viewpage.action?pageId=217321411 | action: browse-macros
javax.net.ssl.SSLException: hostname in certificate didn't match: <jira.test.com> != <confluence.test1.com> OR <test2.com> OR <confluence.test3.com>Diagnosis
The steps below can help to confirm the issue:
Check the Server’s FQDN and make sure this matches the domain configured on the Certificate.
Check the CN and DNSName from the output of the command below:
1
keytool -list -v -keystore <keystore-directory>/.keystoreCause
Hostname matching is done according to how the client identifies the host it's trying to access. If it's trying to access https://localhost/, then the certificate must be valid for localhost. If it's trying to access https://something-else.example, then the certificate must be valid for something-else.example, even if localhost and something-else.example are one and the same machine.
Solution
We have two possible resolutions:
Generate a new SSL Certificate with the correct domain/hostname and URL following this documentation https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS
OR
Fix the Server Domain/Hostname to match with the Certificate Domain/Hostname in the host file.
Was this helpful?