Exception: Server name value of host_name cannot have the trailing dot

Wed, 09 Apr 2025 04:48:01 -0700 

Hi,

I am getting below error when having tomcat server name with trailing dot
(.) when using tomcat 10.
>From the stacktrace, it looks like it is coming as part of SNI handling.
Is this supported in tomcat 11 or any way to bypass it ?

javax.net.ssl.SSLProtocolException: Illegal server name, type=host_name(0),
name=tomcat-login.osns.svc.cluster.local., value={.....}
        at
java.base/sun.security.ssl.ServerNameExtension$CHServerNamesSpec.<init>(Unknown
Source)
        at
java.base/sun.security.ssl.ServerNameExtension$CHServerNamesStringizer.toString(Unknown
Source)
        at java.base/sun.security.ssl.SSLExtension.toString(Unknown Source)
        at java.base/sun.security.ssl.SSLExtensions.toString(Unknown Source)
        at
java.base/sun.security.ssl.ClientHello$ClientHelloMessage.toString(Unknown
Source)
        at
java.base/sun.security.ssl.SSLLogger$SSLSimpleFormatter.formatObject(Unknown
Source)
        at
java.base/sun.security.ssl.SSLLogger$SSLSimpleFormatter.formatParameters(Unknown
Source)
        at java.base/sun.security.ssl.SSLLogger.log(Unknown Source)
        at java.base/sun.security.ssl.SSLLogger.fine(Unknown Source)
        at
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(Unknown
Source)
        at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown
Source)
        at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown
Source)
        at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown
Source)
        at java.base/java.security.AccessController.doPrivileged(Unknown
Source)
        at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(Unknown Source)
        at
org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:429)
        at
org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:494)
        at
org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:215)
        at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1769)
        at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
        at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
        at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
        at java.base/java.lang.Thread.run(Unknown Source)
*  Caused by: java.lang.IllegalArgumentException: Server name value of
host_name cannot have the trailing dot*
        at java.base/javax.net.ssl.SNIHostName.checkHostName(Unknown Source)
        at java.base/javax.net.ssl.SNIHostName.<init>(Unknown Source)
        ... 25 more}


*Thanks & Regards,*

*Vishwas *

Reply via email to