Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1815: Samples - OpenId - Google Login - Hostname in Certificate didn't match #2044

spring-issuemaster opened this Issue Sep 15, 2011 · 2 comments


None yet
2 participants

Chris Shellenbarger (Migrated from SEC-1815) said:

This is the text from my Spring Forum post referenced in this issue:

I am trying to run the OpenId sample from the latest version in git. I start it up using 'gradle jettyRun' and proceed to localhost:8080. Once I get there, I click on google as my account provider and receive the following error message in the browser:

"Your login attempt was not successful, try again.

Reason: Unable to process claimed identity 'https://www.google.com/accounts/o8/id'."

There is a stack trace on the console - the main points are here:

o.s.s.o.OpenIDAuthenticationFilter - Failed to consume claimedIdentity: https://www.google.com/accounts/o8/id org.springframework.security.openid.OpenIDConsumer Exception: Error during discovery
Caused by: org.openid4java.discovery.yadis.YadisException: 0x704: I/O transport error: hostname in certificate didn't match: <www.google.com/> != <www.google.com>
Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <www.google.com/> != <www.google.com>

I've attached the full stacktrace to this post rather than pollute the entire post with exceptions.

Could someone please help me? I've been trying to learn how to use Spring Security with Google as an OpenId provider, and if I can't get the sample application working, I don't have much hope for being able to do it on my own.

I am using Java 1.6.0_27 64 bit and this is happening on both of my Windows 7 64 bit computers.

Any help would be greatly appreciated.

Chris Shellenbarger said:

A fix was posted on the forum - it was to revert the version of org.apache.httpcomponents:httpclient to 4.1.1 - the related issue is at https://issues.apache.org/jira/browse/HTTPCLIENT-1118

Rob Winch said:

This is an issue with openid4java's usage of HttpClient 4.1.2. See http://code.google.com/p/openid4java/issues/detail?id=162 To fix it I have reverted back to HttpClient 4.1.1

@spring-issuemaster spring-issuemaster added this to the 3.1.0 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment