Hi guys!
any idea about this?
regards
Guzmán
-----Mensaje original-----
From: Guzmán Llambías
Sent: Thursday, March 20, 2014 8:50 PM
To: [email protected]
Subject: The https URL hostname does not match the Common Name (CN) on the
server certificate
Hi guys!
I’m trying to consume a service using https with a selfsigned certificate. I
added to my client this code to bypass the hostName verification with the
CN:
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier(){
public boolean verify(String hostname,
javax.net.ssl.SSLSession sslSession) {
if (hostname.equals("localhost")) {
return true;
}
return false;
}
});
but the following error occurs:
“The https URL hostname does not match the Common Name (CN) on the server
certificate. To disable this check (NOT recommended for production) set the
CXF client TLS configuration property "disableCNCheck" to true.”
I set disableCNCheck to false and worked, but if I remove the
DefaultHostNameVerifier the following error occurs:
“Caused by: java.security.cert.CertificateException: No name matching
localhost found”
please, can anyone explain me the difference between both validations,
errors and why I have to but both if they seems to have the same behaviour?
thanks in advance
Regards
Guzmán
