Certificate subject issue trying to authenticate via auth2

What steps will reproduce the problem?
1.Use Spring Social 1.1.0 and Spring Social Google 1.0.0
2.Try to login on my custom web app using Google+ account
3.Confirm permissions to custom web application

What is the expected output? What do you see instead?
An exception is thrown instead of successful login

What version of the product are you using? On what operating system?
Spring Social 1.1.0 and Spring Social Google 1.0.0

Please provide any additional information below.

[25 apr 2015 11:30:43,244] DEBUG - SocialAuthenticationFilter - Request is to 
process authentication
[25 apr 2015 11:30:43,273] DEBUG - RestTemplate               - Created POST 
request for "https://accounts.google.com/o/oauth2/token"
[25 apr 2015 11:30:43,300] DEBUG - RestTemplate               - Setting request 
Accept header to [application/x-www-form-urlencoded, multipart/form-data, 
application/json, application/*+json]
[25 apr 2015 11:30:43,300] DEBUG - RestTemplate               - Writing 
[{client_id=[615830623569-itqm9cnfer8cs24ahj7ovq20uba92k2o.apps.googleuserconten
t.com], client_secret=[uC-twqfGnaM5JPMdYnh8PrYR], 
code=[4/7Oc2FzlTso3QmTX3Oc7bIj2u9huvCjPZ4BbO-EJE-xk.MsYrdHT2hTQdyjz_MlCJoi3ITdTf
mQI], redirect_uri=[http://localhost:8181/YouTouristBE/auth/google], 
grant_type=[authorization_code]}] as "application/x-www-form-urlencoded" using 
[org.springframework.http.converter.FormHttpMessageConverter@15f4c581]
[25 apr 2015 11:30:43,672] DEBUG - RestTemplate               - POST request 
for "https://accounts.google.com/o/oauth2/token" resulted in 200 (OK)
[25 apr 2015 11:30:43,674] DEBUG - RestTemplate               - Reading 
[interface java.util.Map] as "application/json;charset=utf-8" using 
[org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@490
b4af7]
[25 apr 2015 11:30:43,746] DEBUG - RestTemplate               - Created GET 
request for "https://www.googleapis.com/plus/v1/people/me"
[25 apr 2015 11:30:43,811] DEBUG - RestTemplate               - Setting request 
Accept header to [application/json, application/*+json]
[25 apr 2015 11:30:43,965] DEBUG - Auth2AuthenticationService - failed to 
exchange for access
org.springframework.web.client.ResourceAccessException: I/O error on GET 
request for "https://www.googleapis.com/plus/v1/people/me":Host name 
'www.googleapis.com' does not match the certificate subject provided by the 
peer (CN=*.storage.googleapis.com, O=Google Inc, L=Mountain View, 
ST=California, C=US); nested exception is 
javax.net.ssl.SSLPeerUnverifiedException: Host name 'www.googleapis.com' does 
not match the certificate subject provided by the peer 
(CN=*.storage.googleapis.com, O=Google Inc, L=Mountain View, ST=California, 
C=US)
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:557)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:502)
    at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:239)
    at org.springframework.social.google.api.impl.AbstractGoogleApiOperations.getEntity(AbstractGoogleApiOperations.java:50)
    at org.springframework.social.google.api.plus.impl.PlusTemplate.getPerson(PlusTemplate.java:105)
    at org.springframework.social.google.api.plus.impl.PlusTemplate.getGoogleProfile(PlusTemplate.java:110)
    at org.springframework.social.google.connect.GoogleAdapter.fetchUserProfile(GoogleAdapter.java:51)
    at org.springframework.social.google.connect.GoogleAdapter.fetchUserProfile(GoogleAdapter.java:31)
    at org.springframework.social.google.connect.GoogleConnectionFactory.extractProviderUserId(GoogleConnectionFactory.java:37)
    at org.springframework.social.connect.support.OAuth2ConnectionFactory.createConnection(OAuth2ConnectionFactory.java:91)
    at org.springframework.social.security.provider.OAuth2AuthenticationService.getAuthToken(OAuth2AuthenticationService.java:99)
    at org.springframework.social.security.SocialAuthenticationFilter.attemptAuthService(SocialAuthenticationFilter.java:239)
    at org.springframework.social.security.SocialAuthenticationFilter.attemptAuthentication(SocialAuthenticationFilter.java:157)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:108)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Host name 
'www.googleapis.com' does not match the certificate subject provided by the 
peer (CN=*.storage.googleapis.com, O=Google Inc, L=Mountain View, 
ST=California, C=US)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:465)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
    at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:84)
    at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
    at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:52)
    at org.springframework.http.client.InterceptingClientHttpRequest$RequestExecution.execute(InterceptingClientHttpRequest.java:94)
    at org.springframework.social.oauth2.OAuth2RequestInterceptor.intercept(OAuth2RequestInterceptor.java:45)
    at org.springframework.http.client.InterceptingClientHttpRequest$RequestExecution.execute(InterceptingClientHttpRequest.java:84)
    at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:69)
    at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
    at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:52)
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:541)
    ... 41 more
[25 apr 2015 11:30:43,967] DEBUG - SocialAuthenticationFilter - Authentication 
request failed: 
org.springframework.security.authentication.AuthenticationServiceException: 
authentication failed
Original issue reported on code.google.com by marcuss...@gmail.com on 26 Apr 2015 at 8:10
roniest / google-apis-explorer

Certificate subject issue trying to authenticate via auth2 #301
