How to avoid java.security.cert.CertificateException with AuthorizeNet connection?

0
votes

I need to connect with AuthorizeNet but I am getting:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching certification.authorize.net found (Please, see the error trace below).

The URL I use is https://certification.authorize.net/gateway/transact.dll

The connection code in my class AuthorizeNet is as follows:

        URL url = new URL(“https://certification.authorize.net/gateway/transact.dll”);
        URLConnection connection = url.openConnection();
        connection.setDoOutput(true);
        connection.setUseCaches(false);
        connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        DataOutputStream out = new DataOutputStream(connection.getOutputStream());

The error trace is as follows:

2015-04-06 13:00:52,592 [ajp-bio-8009-exec-1] ERROR com.aaa.AuthorizeNet:541 - javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching certification.authorize.net found. at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at com.aaa.AuthorizeNet.startNetConnection(AuthorizeNet.java:533)

2
javasecurityconnectionauthorize.net
If you are testing in the sandbox, the correct endpoint is test.authorize.net/gateway/transact.dll Also check the blog post regarding upgrades to sandbox security and infrastructure - community.developer.authorize.net/t5/…rhldr

2 Answers

0
votes

I used the old URL for connection, this gave the error. The new real URL is https://secure.authorize.net/gateway/transact.dll. Then one needs to get LoginID and transaction Key from AuthorizeNet. If you are a merchant you can get LoginID/TransactionKey that allow you testing transactions

0
votes

Solved it by running client with these extra params: -Djavax.net.debug=ssl,handshake Ref: Paypal SSLHandshakeException

In another case the below snippet helped me in solving the issue:

urlCon.setHostnameVerifier(new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session){
        return true;
    }
});