Showing results for 
Search instead for 
Did you mean: 

Problem accessing the absolute URL in JSP / JSTL on using tag

0 Kudos

I am trying to display content of absolute media url in jsp / JSTL using <c:import> tag, the code is below

<%@ page contentType="text/plain" language="java" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri=""%>
<%@ taglib prefix="fn" uri="" %>
<c:if test="${not ((cmsSite.uid eq 'swc') || (cmsSite.uid eq 'sds'))}" >
<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="">
<c:forEach items="${siteMapUrls}" var="loc">
<c:if test="${((cmsSite.uid eq 'swc') || (cmsSite.uid eq 'sds'))}" >
<c:forEach items="${siteMapUrls}" var="loc">
<c:import var = "siteMap" url="${fn:escapeXml(loc)}"/>

But when I am accessing the url https://a.local:9002/sitemap.xml. It is giving me below error.

Problem accessing the absolute URL "https://a.local:9002/medias/GSBOL-20221216.xml?context=bWFzdGVyfHJvb3R8OTc2OTN8dGV4dC94bWx8aGEwL2g4My84Nzk2MTQxODQ2NTU4LnhtbHwwNGY1NWI4ZDc0ZjkyMTdlZDU0OTg4Y2FiZmNmODMyNzRlMWI4MTA4NzQ3ODAwN2JjNTk5ODMzYTdhNDBkMDUw". No subject alternative DNS name matching swc.local found.

On passing unsecure url "http://a.local:9001/medias/GSBOL-20221216.xml?context=bWFzdGVyfHJvb3R8OTc2OTN8dGV4dC94bWx8aGEwL2g4My84Nzk2MTQxODQ2NTU4LnhtbHwwNGY1NWI4ZDc0ZjkyMTdlZDU0OTg4Y2FiZmNmODMyNzRlMWI4MTA4NzQ3ODAwN2JjNTk5ODMzYTdhNDBkMDUw

Above code is working as expected and displaying the contents of xml file on using unsecure url.

Anyone knows about this issue.

Accepted Solutions (0)

Answers (1)

Answers (1)

0 Kudos

You are using a self-signed certificate for a server-to-server call.

To fix the error, you can try the following:

  1. Update the cacert: This will ensure that the JVM trusts the certificate presented by the server.
  2. Disable certificate validation in the JVM.

Note 1: Disabling certificate validation can introduce security risks, it's not recommended to use it in production environment.
Note 2: Generally, you can see further details by adding (only for debug)
Note 3: In you specific case, since you are calling an internal URL (the server is calling itself), think if you really need HTTPS on your development environment. Even if you will use a valid certificate, you will be in charge of whitelisting the new certificates on on-premise installations (point 1) as the JVM does not automatically trust all certificates.