tSetKeystore + tRest - HTTPS hostname wrong: should be <servername>

Four Stars rod
Four Stars

tSetKeystore + tRest - HTTPS hostname wrong: should be <servername>


We are doing a rest call to a server with SSL in a job we originally built in 5.4 but it's now in 6.4.  The SSL certificate only has one name in it (an FQDN accessible externally), and we need to access the server via another name.  We can't change the certificate and need to accept this certificate. 

We use tSetKeyStore to load the keys that we are using - and then a tRest component to make the request.


Screen Shot 2018-04-19 at 1.37.35 PM.png


Note: "Check server identity" is not checked.

Screen Shot 2018-04-19 at 5.28.04 PM.png

Screen Shot 2018-04-19 at 5.31.17 PM.png


Exception in component tREST_1 (test)
com.sun.jersey.api.client.ClientHandlerException: java.io.IOException: HTTPS hostname wrong: should be <servername>
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:131)
at com.sun.jersey.api.client.Client.handle(Client.java:616)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:559)


If I check the "Check server identity" it seems to work successfully.   Any clue here why "check server identity" = true would fail when the servername is different?


Re: tSetKeystore + tRest - HTTPS hostname wrong: should be <servername>


It looks like an issue with the DefaultHostnameVerifier.

In tSetKeystore component, the "Check server identity" option is used to make the Job verify the match between the hostname of the URL and the hostname of the server. If they mismatch, the verification mechanism asks whether this connection should be allowed.


Best regards



Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Four Stars rod
Four Stars

Re: tSetKeystore + tRest - HTTPS hostname wrong: should be <servername>


Looking at this again it doesn't seem to be the DefaultHostnameVerifier - it seems between 5.6 & 6.4/6.5 the behaviour reversed.  It used to add this code when the checkbox was not selected, now it adds it when it is selected (which is by default).


I'm going to change mine to use "Check server identity" when I don't want it to, but do you think this might change back in the future?


						.setDefaultHostnameVerifier(new javax.net.ssl.HostnameVerifier() {
							public boolean verify(String hostName,
									javax.net.ssl.SSLSession session) {
								return true;




What’s New for Talend Spring ’19

Join us live for a sneak peek!

Sign up now


Introduction to Talend Open Studio for Data Integration.


Downloads and Trials

Test drive Talend's enterprise products.


Definitive Guide to Data Integration

Practical steps to developing your data integration strategy.