How to disable hostname verification in JBoss WS CXF

Solution Unverified - Updated -

Issue

  • Is there a way to disable hostname verification in JBoss WS CXF?
  • Disabling certificate common name check does not work in EAP 6.1.0 using Apache CXF which leads to the following issue:-
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate in the client's truststore.  Make sure server certificate is correct, or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
  • My client is presenting the following error:
2013-12-10 13:09:48,870 ERROR[org.docx4j.org.xhtmlrenderer.exception](pool-306-thread-1) IO problem for
 https://HOST/CONTEXT/images.res?imageName=IMG.jpg java.io.IOException: HTTPS hostname wrong: should be <IP_ADDRESS>
  • Is it recommended to use the parameter "-Dorg.jboss.security.ignoreHttpsHost=true"?
  • Is it better to configure the application to ignore the certificates?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 5.x
    • 6.x
    • 7.x
  • JBoss WS CXF stack
  • JBoss Fuse Service Works 6.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In