[jboss-user] [Beginner's Corner] - JBoss AS 7.1.x: org.jboss.security.ignoreHttpsHost

Doug Martin do-not-reply at jboss.com
Tue Aug 14 22:53:23 EDT 2012

Doug Martin [https://community.jboss.org/people/doug.j.martin] created the discussion

"JBoss AS 7.1.x: org.jboss.security.ignoreHttpsHost"

To view the discussion, visit: https://community.jboss.org/message/753703#753703

I'm attempting to secure a web service using TSL/SSL over HTTPS with +JBoss AS 7.1.1.Final.+ When I run a client against the test web service I get the following exception:

Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate.  To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1339)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1414)
    ... 12 more

I've seen where in versions up to AS 5 where you can set the 'org.jboss.security.ignoreHttpsHost' environment variable during development to disable this check, but it doesn't appear to work for AS 7.

Is this still applicable? Is there a better way or other work arounds to accomplish the same behavior?

Thanks in advance,


Reply to this message by going to Community

Start a new discussion in Beginner's Corner at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120814/b23f7ae6/attachment.html 

More information about the jboss-user mailing list