
AWS Internal HTTPS call to ALB with custom certificate from Lambda code Java


I'm trying to make an HTTPS call to an ALB (it has a custom certificate attached via a listener) via its DNS name, which is managed by AWS and looks something like "internal-name-account.eu-west-2.elb.amazonaws.com". The SSL certificate attached to the ALB listener has private domains (e.g. *.example.com).

When a Java Lambda function (inside the same VPC) calls the ALB, I get the following error:

javax.net.ssl.SSLPeerUnverifiedException: Certificate for <internal-<name>-<account>.eu-west-2.elb.amazonaws.com> doesn't match any of the subject alternative names: [*.example.com].

I can successfully call the ALB when I disable SSL host verification in code, but I was wondering if there is any other solution.

Any feedback is appreciated.


Solution

  • It is normal to have this error since the certificate is bound to the domain *.example.com.

    If you are using that certificate on the ALB, then most probably you have a domain mapped to that ALB,

    e.g. www.example.com -- maps to --> alb-public-dns.eu-west-2.elb.amazonaws.com.

    Using the above, the Java code should initiate the HTTPS connection with www.example.com instead of alb-public-dns.eu-west-2.elb.amazonaws.com.
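
An added example, not part of the original answer: a simplified Java version of the hostname check behind the error above, applied to the two names from this page, followed by an optional real call with certificate and hostname verification left on. The class and method names are hypothetical, `www.example.com` is the answer's example record, and the matcher is a simplified form of the wildcard rule TLS clients apply (the `*` covers exactly one left-most label).

```java
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.util.List;
import java.util.Locale;

public class AlbHostnameCheck {

    // Simplified wildcard rule: "*" must be the whole left-most label
    // and stands for exactly one label, never for "a.b" or for nothing.
    static boolean matchesSan(String host, String san) {
        String h = host.toLowerCase(Locale.ROOT);
        String s = san.toLowerCase(Locale.ROOT);
        if (!s.startsWith("*.")) {
            return h.equals(s);                  // exact-name SAN
        }
        String suffix = s.substring(1);          // "*.example.com" -> ".example.com"
        if (!h.endsWith(suffix)) {
            return false;                        // different parent domain
        }
        String left = h.substring(0, h.length() - suffix.length());
        return !left.isEmpty() && left.indexOf('.') < 0;
    }

    static boolean matchesAny(String host, List<String> sans) {
        return sans.stream().anyMatch(s -> matchesSan(host, s));
    }

    public static void main(String[] args) throws Exception {
        // SAN list as reported in the exception message on this page.
        List<String> sans = List.of("*.example.com");
        String albDns = "internal-name-account.eu-west-2.elb.amazonaws.com";
        String mapped = "www.example.com";       // record pointing at the ALB (the answer's example)

        System.out.println(albDns + " matches: " + matchesAny(albDns, sans));
        System.out.println(mapped + " matches: " + matchesAny(mapped, sans));

        // Optional real call: pass a URL such as https://www.example.com/ as the first argument.
        // HttpClient.newHttpClient() uses the default SSLContext, so chain and
        // hostname verification both stay enabled; nothing is switched off.
        if (args.length > 0) {
            HttpClient client = HttpClient.newHttpClient();
            HttpRequest request = HttpRequest.newBuilder(URI.create(args[0])).GET().build();
            HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
            System.out.println("HTTP status: " + response.statusCode());
        }
    }
}
```

The name passed in the URL must resolve from inside the Lambda's VPC to the ALB for the real call to succeed; the check itself runs offline.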