W3C home > Mailing lists > Public > www-validator@w3.org > September 2017

Re: IO Error: handshake alert: unrecognized_name

From: Mark Rogers <mark.rogers@powermapper.com>
Date: Thu, 21 Sep 2017 18:48:10 +0000
To: Vic Woodhouse <vgw@vgwoodhouse.co.uk>, "www-validator@w3.org" <www-validator@w3.org>
Message-ID: <11633151-D887-4A8B-B70E-FD8249E8E06B@powermapper.com>
Hi Vic

The problem isn’t with your SSL certificate. It looks like your hosting is using SNI (Server Name Indication) which is used on shared web hosting where multiple HTTPS websites live on a single web server:
https://en.wikipedia.org/wiki/Server_Name_Indication


SNI works in nearly all web browsers (other than on very, very old versions of Windows – XP or earlier). It doesn’t work in the validator because SNI isn’t well supported by the Java language the validator is written in. The same problem happens with validator.nu which is also written in Java, but not try.powermapper.com which doesn’t use Java.

You can see which browsers support SNI for your site in the ‘Handshake Simulation’ section here:
https://www.ssllabs.com/ssltest/analyze.html?d=www.vgwoodhouse.co.uk&hideResults=on


Hope this helps

Best Regards
Mark

--
Mark Rogers - mark.rogers@powermapper.com<mailto:mark.rogers@powermapper.com>
PowerMapper Software Ltd - www.powermapper.com
Registered in Scotland No 362274 Quartermile 2 Edinburgh EH3 9GL



From: Vic Woodhouse <vgw@vgwoodhouse.co.uk>
Date: Thursday, 21 September 2017 at 14:42
To: "www-validator@w3.org" <www-validator@w3.org>
Subject: IO Error: handshake alert: unrecognized_name
Resent-From: "www-validator@w3.org" <www-validator@w3.org>
Resent-Date: Thursday, 21 September 2017 at 14:43

Hello,

I hope you can help me.

I am unable to access your validation service because of this error message.

We have just changed to SSL certification with our webhosts Go daddy and it seems that the problem started following the change to SSL.    We are hosted on a shared server basis.

I have reproduced below what I have been able to find out and what I previously passed on to Godaddy.

Godaddy have said that they have checked everything, including SSL handshakes, in their server, and other sites hosted on the same server, and have not been able to find any problem.
They have said that they can only address the problem further if they have more specific information from yourselves.

I should be grateful if you could provide more details of the problem for this purpose.



Regards

Vic Woodhouse 020 8810 4500

V.G. Woodhouse & Co. 20 a The Mall Ealing London W5 2PJ
Chartered Certified Accountants, Registered Auditors
http://www.vgwoodhouse.co.uk/


W3C - IO Error: handshake alert: unrecognized_name

https://stackoverflow.com/questions/33580702/w3c-validator-handshake-alert-unrecognized-name

1                              See this answer — "certain misconfigured servers send an "Unrecognized Name" warning in the SSL handshake which is ignored by most clients... except for Java" — You would need to fix the misconfiguration of your server. – Quentin Nov 7 '15 at 13:31
2                              To spell it out: Java, and mostly only Java, has a problem with connecting to servers which send an "unrecognised name" in the SSL handshake. The W3C service is likely written in Java. Your web server sends out an "unrecognised name" warning. Result: The W3C service cannot connect to your server. The solution: fix your server to not send this warning/fix its configuration. How to do this we cannot tell you since we know zilch about your web server. – deceze? Nov 9 '15 at 8:53
1                              any guidance how to fix this much helpful. I didn't have that much knowledge of server. – urfusion Nov 9 '15 at 9:17
1                              Maintainer of the W3C HTML Checker here. The backend of the service is indeed written in Java, using the current Apache Commons HTTP client library. The exception this is coming from is thrown by that code, I don't know of any way to call that code differently that would cause it to be less strict like other clients and ignore the broken non-standard behavior of your server. So I have no way to workaround or prevent this on the W3C service side. – sideshowbarker Dec 12 '15 at 8:27
Received on Thursday, 21 September 2017 18:48:34 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 21 September 2017 18:48:41 UTC