As part of the Rhapsody server authentication process, when examining its SSL certificate the Rhapsody IDE attempts to verify that the presented SSL certificate is for the computer that it is connecting to. This is done by verifying that the hostname used to establish the connection can be found inside the SSL certificate. This check is not performed if the hostname used to connect to the engine is localhost or 127.0.0.1 for connecting to an engine on the same machine as the IDE. However, the check is performed if the local machine's real hostname is used rather than the loopback address. In the case of a mismatch, a Hostname Mismatch error dialog is displayed.
Hostnames are retrieved from the SSL certificate by extracting the certificate subject's Common Name, as well as any DNS names that can be found in the SubjectAlternativeNames extension (if present). If the hostname used to connect to the engine does not match any of these extracted hostnames using a case-insensitive comparison, then the connection attempt is aborted.
The error usually occurs when connecting to a Rhapsody engine using its IP address rather than its hostname, as IP addresses are typically not stored within SSL certificates.
The preferred resolution to this problem is to fix either the SSL certificate to include the correct hostname, or fix the DNS resolution problems so that a direct IP address is not required for the connection. In cases where this may not be possible, the Rhapsody IDE Trust Manager application can be used to suppress this warning for a specific Rhapsody engine.
| Action | Description |
|---|---|
| Close | Cancels the connection so the login does not take place. |
| View certificate | Displays the SSL certificate presented by the Rhapsody engine using the standard Windows® certificate viewer. |
| Rhapsody IDE Trust Manager | Launches the Rhapsody IDE Trust Manager to allow manual editing of the Rhapsody IDE trust relationships. |