how to solve javax.net.ssl.SSLPeerUnverifiedException: Hostname .com not verified:

UPDATE

Because the exception is javax.net.ssl.SSLPeerUnverifiedException: Hostname justedhak.com not verified with DN: CN=*.ipage.com... and subjectAltNames: [*.ipage.com, ipage.com]

As a result, you can replace the setHostnameVerifier at my below sample code (because return true is not recommended) by the following:

client.setHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                //return true;
                HostnameVerifier hv =
                        HttpsURLConnection.getDefaultHostnameVerifier();
                return hv.verify("ipage.com", session);
            }
        });

You will get the success result as the below screenshot too.


If you want to work with that host's HTTPS only for your learning purpose or developing environment, you can refer the following way, of course you can change my GET request by your POST one:

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        mTextView = (TextView) findViewById(R.id.textView);
        mHandler = new Handler(Looper.getMainLooper());
        OkHttpClient client = new OkHttpClient();
        client.setHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        Request request = new Request.Builder()
                .url("https://justedhak.com/Files/users.php")
                .build();
        client.newCall(request).enqueue(new Callback() {
            @Override
            public void onFailure(Request request, IOException e) {
                // do something...
                Log.e(LOG_TAG, e.toString());
            }

            @Override
            public void onResponse(Response response) throws IOException {
                // do something...
                Log.i(LOG_TAG, response.body().string());
            }
        });
    }

Here's the screenshot

BNK's screenshot

You can also read more at the following question:

OkHttp trusting certificate

Tags:

Android

Okhttp