This repository was archived by the owner on Mar 23, 2022. It is now read-only.

Java SNI Handshake Issue #16

@ashbyca

Interesting issue discovered when you use a wildcard cert (*.domain-name.com) and configure the FQDN in the qradar.properties file. The following error is received after the server loads properly and you attempt to access the application:

javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1288)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1904)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1027)
...

Seems that Java introduced SNI support which is enabled by default. I have found out that certain misconfigured servers send an "Unrecognized Name" warning in the SSL handshake which is ignored by most clients... except for Java.

If I'm not mistaken, this can be corrected by adding the following property to the build.gradle file (which deactivates this feature completely):

System.setProperty("jsse.enableSNIExtension", "false")
bootRun.systemProperties = System.properties

I haven't tried this fix as I'm not sure what impact it might have... Thoughts?
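
Added example, not part of the original issue or the project's code: a decoder for plaintext TLS alert records, for checking in a packet capture whether the server sent `unrecognized_name` (alert 112 in RFC 6066) at warning level rather than fatal. The byte strings are constructed samples and the function names are hypothetical.

```python
import struct

ALERT = 21                                   # TLS record content type for alerts
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {0: "close_notify", 40: "handshake_failure",
                112: "unrecognized_name"}    # 112 is defined in RFC 6066


def parse_alerts(stream: bytes):
    """Return (level, description) for each plaintext alert record in stream."""
    alerts, offset = [], 0
    while offset < len(stream):
        if offset + 5 > len(stream):
            raise ValueError("truncated record header")
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, offset)
        body = stream[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        offset += 5 + length
        # A plaintext alert is exactly two bytes; longer ones are encrypted.
        if ctype == ALERT and length == 2:
            level, desc = body
            alerts.append((LEVELS.get(level, f"level_{level}"),
                           DESCRIPTIONS.get(desc, f"alert_{desc}")))
    return alerts


def is_sni_warning_only(stream: bytes) -> bool:
    """True if the server warned about the SNI name but sent no fatal alert."""
    alerts = parse_alerts(stream)
    warned = ("warning", "unrecognized_name") in alerts
    return warned and all(level != "fatal" for level, _ in alerts)


# Constructed samples (not captured traffic): server-to-client bytes.
WARNING_THEN_HELLO = bytes.fromhex(
    "1503030002" "0170"          # alert record: warning(1), unrecognized_name(112)
    "1603030004" "02000000")     # handshake record follows, body is a placeholder
FATAL_ALERT = bytes.fromhex("1503030002" "0270")   # fatal(2), unrecognized_name

if __name__ == "__main__":
    for name, data in (("warning", WARNING_THEN_HELLO), ("fatal", FATAL_ALERT)):
        print(name, parse_alerts(data), is_sni_warning_only(data))
```

A warning-only result means the server kept the handshake going after the alert, which is the case the issue describes; a fatal result means the server itself aborted the connection.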
