Hi Folks, Enabling/disabling hostname verification was added to carbon kernel 4.4.10 onwards as a system property. The property added was httpclient.hostnameVerifier. Possible values can be Strict, AllowAll, DefaultAndLocalhost. These values will behave same as synapse host name verification options.
1. Strict - A wildcard such as "*.foo.com" matches only subdomains in the same level, for example "a.foo.com". It does not match deeper subdomains such as "a.b.foo.com". 2. AllowAll - Turn off the host name verification. Note that this is not recommended in production setup. This is only for demo and testing purposes only. 3. DefaultAndLocalhost - Works same way as default, except one with one additional relaxation: a host of "localhost", "localhost.localdomain", "127.0.0.1", "::1" will always pass, no matter what is in the server's certificate. 4. If any of the above parameter not provided, it behaves in default way. The only difference between default and Strict is that a wildcard (such as "*.foo.com") with default matches all subdomains, including " a.b.foo.com". example usage: -Dhttpclient.hostnameVerifier=AllowAll Thanks -- Lakshman Udayakantha WSO2 Inc. www.wso2.com lean.enterprise.middleware Mobile: *0717429601*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
