Hexagon Geospatial

M.App Enterprise Discussions

Discuss topics with other M.App Enterprise Product pioneers and experts to get the most out of it.
Turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Frequent Contributor
SF341095
Posts: 114
Registered: ‎05-25-2016
Accepted Solution

"Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎09-28-2018 04:48 PM

I´ve just updated M.App Enterprise to the new version in an test / local server, the server does not have a domain name or a public facing static IP therefore I used the self signed certificate option. 

As a result I cannot use the desktop thin client. Seems like the self signed certificate does not fulfills the requirements of the java client.

Any workaround guys?

Here is the error message:

 

Error while loading descriptor from https://192.168.1.155/api/v1/desktopclient/624eac7a-56ca-4269-ad56-c657f6d9b361.hnlp?tenant=BSI&refreshToken=a8103143-076a-478b-a824-d76a783b0c25. 
java.io.IOException: No subject alternative names matching IP address 192.168.1.155 found
	at java.net.http/jdk.internal.net.http.HttpClientImpl.send(Unknown Source)
	at java.net.http/jdk.internal.net.http.HttpClientFacade.send(Unknown Source)
	at com.hexagon.applauncher.core/com.hexagon.applauncher.core.AppLauncher.loadDescriptor(Unknown Source)
	at com.hexagon.applauncher.core/com.hexagon.applauncher.core.AppLauncher.init(Unknown Source)
	at com.hexagon.applauncher.core/com.hexagon.applauncher.core.AppLauncher.lambda$start$0(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address 192.168.1.155 found
	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(Unknown Source)
	at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(Unknown Source)
	at java.base/java.util.ArrayList.forEach(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.lambda$executeTasks$3(Unknown Source)
	at java.net.http/jdk.internal.net.http.HttpClientImpl$DelegatingExecutor.execute(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.executeTasks(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.doHandshake(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate$Reader.processData(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate$Reader$ReaderDownstreamPusher.run(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SynchronizedRestartableTask.run(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SequentialScheduler$CompleteRestartableTask.run(Unknown Source)
	at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SchedulableTask.run(Unknown Source)
	... 3 more
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 192.168.1.155 found
	at java.base/sun.security.util.HostnameChecker.matchIP(Unknown Source)
	at java.base/sun.security.util.HostnameChecker.match(Unknown Source)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
	at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(Unknown Source)
	at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)
	... 22 more
1 person had this problem.
Report Inappropriate Content
Message 1 of 9 (1,604 Views)
Reply
0 HexPoints
Technical Evangelist
Technical Evangelist
stefan.schuettenkopf
Posts: 152
Registered: ‎09-01-2015

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎09-30-2018 10:36 PM

Have you created a new certificate or are you just using the existing self-signed one?

 

If latter one, you have to create a new self-signed certificate in the installation process.

Report Inappropriate Content
Message 2 of 9 (1,543 Views)
Reply
0 HexPoints
Frequent Contributor
SF341095
Posts: 114
Registered: ‎05-25-2016

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎10-01-2018 12:15 PM

It is a newly generated certificate, generated by the installer during the update process... I´ve already tried regenerating the certificate using the "modify" option of the installer with no favorable results.

And It looks like I´m not alone :

https://community.hexagongeospatial.com/t5/Support-M-App-Enterprise/Hexagon-App-Launcher-fails-to-st...

Report Inappropriate Content
Message 3 of 9 (1,536 Views)
Reply
0 HexPoints
sturcato
Staff
sturcato
Posts: 1,037
Registered: ‎10-18-2015

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎10-01-2018 12:41 PM

the solution is indeed to load a proper SSL certificate. For testing purposes you can use http without issues.

 

Stefano

Stefano Turcato
Presale Engineer
Hexagon Geospatial
Report Inappropriate Content
Message 4 of 9 (1,532 Views)
Reply
0 HexPoints
Frequent Contributor
RaduConst
Posts: 78
Registered: ‎10-12-2015

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎10-02-2018 12:19 AM

Hello,

 

Try using the servername instead of the ip to connect to the application.

 

https://srvname/apps/?tenant=tenantname

 

You might also need to add the srvname to the hosts file if it's not accessible by default in your network:

 

C:\Windows\System32\drivers\etc\hosts

192.168.1.155 srvname

Regards,

Radu

Report Inappropriate Content
Message 5 of 9 (1,522 Views)
Reply
0 HexPoints
Technical Evangelist
Technical Evangelist
tpaul
Posts: 178
Registered: ‎03-03-2016

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎10-02-2018 12:33 AM

The hostname is validated against the certifcate's hostname. They need to match.

Report Inappropriate Content
Message 6 of 9 (1,518 Views)
Reply
0 HexPoints
Technical Evangelist
Technical Evangelist
sclow
Posts: 626
Registered: ‎11-12-2015

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

[ Edited ]

‎10-02-2018 05:50 AM - edited ‎10-02-2018 05:52 AM

Hi S.Fonseca,

 

Indeed the Hexagon App Launcher (Desktop M.Apps) needs to be launched from a URL to which the hostname matches the newly generated M.App Enterprise 2018 certificate hostname. If these are different the launcher will fail.

Report Inappropriate Content
Message 7 of 9 (1,510 Views)
Reply
0 HexPoints
enrique.martinez
Occasional Contributor
enrique.martinez
Posts: 14
Registered: ‎07-12-2017

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

‎11-12-2018 01:59 PM

Is valid an autosigned certificate?

Thanks a lot.

 

Report Inappropriate Content
Message 8 of 9 (1,313 Views)
Reply
0 HexPoints
esalgadoe
Contributor
esalgadoe
Posts: 68
Registered: ‎10-10-2015

Re: "Error while loading descriptor" M.App Enterprise 16.5 with self signed certificate

[ Edited ]

‎11-12-2018 02:53 PM - edited ‎01-17-2019 08:16 PM

My server is for testing and I using https://letsencrypt.org for create my Free SSL Certificate. 

 

This video was helpful for me https://youtu.be/Z3jd8NOOY2o

 

Everything in M.App Enterprise working ok. 

 

This is other option Zerossl.com

 

Set up a Free SSL Certificate on a Windows Server Using Let's Encrypt
Set up a Free SSL Certificate on a Windows Server Using Let's Encrypt
youtu.be/Z3jd8NOOY2o
UPDATE*** . We have a newer version of this video, check out the latest here - https://youtu.be/nlt9kbwnS_0 In Episode 44 of the Tech Smart Boss Podcast, I talked about 3 ways to set your website up with SSL encryption and the reasons you needed to do it as soon as possible (listen here - ...
Report Inappropriate Content
Message 9 of 9 (1,306 Views)
Reply