Tune hostname-commonname mismatch message

1 files changed, 4 insertions, 3 deletions

diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java
index 8c851ed5489..f6f6bb1dbca 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java
@@ -117,7 +117,7 @@ public class CertificateSigner {
         }
     }
 
-    static void verifyCertificateCommonName(X500Name subject, String commonName) {
+    static void verifyCertificateCommonName(X500Name subject, String remoteHostname) {
         List<AttributeTypeAndValue> attributesAndValues = Arrays.stream(subject.getRDNs())
                 .flatMap(rdn -> rdn.isMultiValued() ?
                         Stream.of(rdn.getTypesAndValues()) : Stream.of(rdn.getFirst()))
@@ -129,8 +129,9 @@ public class CertificateSigner {
         }
 
         String actualCommonName = DERUTF8String.getInstance(attributesAndValues.get(0).getValue()).getString();
-        if (! actualCommonName.equals(commonName)) {
-            throw new IllegalArgumentException("Expected common name to be " + commonName + ", but was " + actualCommonName);
+        if (! actualCommonName.equals(remoteHostname)) {
+            throw new IllegalArgumentException("Remote hostname " + remoteHostname +
+                    " does not match common name " + actualCommonName);
         }
     }