Ssl handshake issue: no subject alternative DNS name matching framework.console.axoniq.io found

stijnhaezebrouck · January 21, 2026, 7:10am

I am getting the following error:

2026-01-21T08:07:42.070+01:00 DEBUG 65370 --- [pool-2-thread-1] i.a.c.f.c.AxoniqConsoleRSocketClient     : Failed to connect to Axoniq Platform

reactor.core.Exceptions$ReactiveException: javax.net.ssl.SSLHandshakeException: (certificate_unknown) No subject alternative DNS name matching framework.console.axoniq.io found.

Seems that axoniq is returning a *.axoniq.io certificate. Seems that wildcards are only supported one level deep.

I am using java 25, spring boot 4 and axon framework 4.12.3

Morlack · January 27, 2026, 8:05am

Hello Stijn, thank you for reporting the issue.

We have investigated and you are right, the hostname is not valid for the certificate. This didn’t use to be a problem with Netty 4 and below, as they disabled hostname verification. However, in more recent versions included in SB4 they removed this, re-enabling the host name verification and leading to this error.

We will resolve this promptly. Thank you for your patience.