Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Are Subject Alternative Names compulsory for SSL in Jetty 9.4.18?

Please note that keystores which worked without SAN in jetty 9.4.8 , now give "No subject alternative name" errors on running the applications on jetty 9.4.18 . Does that not signify that SANs are compulsory with jetty 9.4.18 ? Also , these keystores already have CN. 

Would appreciate a more detailed explanation on this issue , from the jetty developers. Also , the error seems fully related to Jetty,  since it stems from jetty SSL Context. 


On Sun, 15 Sep, 2019, 3:38 AM Simone Bordet, <sbordet@xxxxxxxxxxx> wrote:

On Sat, Sep 14, 2019 at 7:05 PM Sonali Dasgupta
<sonalidasgupta95.2011@xxxxxxxxx> wrote:
> Are Subject Alternative Names (SANs) in keystores compulsory while configuring SSL over Jetty server (version 9.4.18) ?


> Is there a property which on being set , allows SSL configuration without SANs in the keystore z/

I don't understand this, and it has nothing to do with Jetty how you
setup your keystore.
If you don't want to use SAN, you just use the CN (perhaps with a wild
domain) and you're good to go.

> Facing critical issues hence help will be appreciated.

If you need critical support for Jetty, you can lookup commercial
support from Webtide:

Simone Bordet
Developer advice, training, services and support
from the Jetty & CometD experts.
jetty-users mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

Back to the top