Hi carbon team,
This is based on a WSO2 customer query.
While using APIM with a custom host name, the following error occurred.
2014-11-11 09:12:09,794 [-] [HTTPS-Sender I/O dispatcher-1] ERROR
TargetHandler I/O error: Host name verification failed for host :
ourserver.development.host.com
javax.net.ssl.SSLException: Host name verification failed for host :
ourserver.development.host.com
at
org.apache.synapse.transport.http.conn.ClientSSLSetupHandler.verify(ClientSSLSetupHandler.java:152)
at
org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:285)
at
org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:380)
at
org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at
org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
at java.lang.Thread.run(Thread.java:745)
This was RESOLVED by modifying the HostnameVerifier parameter of the
<transportSender> element to 'AllowAll'.
But I have the following quesitons.
1. In a production environment, is it a good practice for making
HostnameVerifier AllowAll?
2. What are the implications of making HostnameVerifier AllowAll?
3. Is there any other way to handle this rather than verifying all the
hostnames by default??
Look forward to hearing from you.
Cheers
Rgds
--
*Niranda Perera*
Software Engineer, WSO2 Inc.
Mobile: +94-71-554-8430
Twitter: @n1r44 <https://twitter.com/N1R44>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
