Hostname verification of the types you are asking about is a client side verification of the server certificate.
The server doesn't do anything more then give that server certificate to the client and the client verifies it. You either fix this issue on the client side to not pay attention to the certificate hostname, or change the certificate on the server side to give the client the right hostname. Joakim Erdfelt / joa...@webtide.com On Wed, May 16, 2018 at 5:47 AM, Luis Morales Alcala < lmoral...@vectoritcgroup.com> wrote: > Hi Joakim > > I have read a lot about this and on version 9.x the hostname verification > is enabled by default in the server. > > I need to disable this verification in the server but the method > setEndpointIdentificationAlgorithm is not working well. > > > SslContextFactory.setEndpointIdentificationAlgorithm(null); > > > ------------------------------ > *De:* jetty-users-boun...@eclipse.org <jetty-users-boun...@eclipse.org> > en nombre de Joakim Erdfelt <joa...@webtide.com> > *Enviado:* miƩrcoles, 16 de mayo de 2018 12:44 > *Para:* Jetty @ Eclipse developer discussion list > *Cc:* jetty-users@eclipse.org > *Asunto:* Re: [jetty-users] [jetty-dev] How to disable hostname > validation on jetty embedded server 9.x version > > Server doesn't do that, the client does. > > Joakim Erdfelt / joa...@webtide.com > > On Wed, May 16, 2018 at 5:43 AM, Luis Morales Alcala < > lmoral...@vectoritcgroup.com> wrote: > > > Dear All, > > Can someone help me with this problem? > > > > > > > > > > > > > > > > > ------------------------------ > *De:* Luis Morales Alcala > *Enviado:* miƩrcoles, 9 de mayo de 2018 16:38 > *Para:* jetty-users@eclipse.org; jetty-...@eclipse.org > *Asunto:* How to disable hostname validation on jetty embedded server 9.x > version > > > Dear all > Currently I have a Verison 9.3.x Embedded Jetty server working perfectly > offering websockets communications through port 8080 and through 8443 for > secure communications. > I need to disable the validation of the hostname as well as the > certificates but I can not disable it. > > I am using the method setTrustAll and setEndpointIdentificationAlgorithm(null) > but the hostname verification is still activated. > sslContextFactory.setTrustAll(true); > sslContextFactory.setEndpointIdentificationAlgorithm(null); > How can avoid it? > > Best regards > > > _______________________________________________ > jetty-dev mailing list > jetty-...@eclipse.org > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-dev > > > > _______________________________________________ > jetty-dev mailing list > jetty-...@eclipse.org > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-dev >
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users