[jboss-user] [Beginner's Corner] - JBoss AS 7.1.x: org.jboss.security.ignoreHttpsHost

[Doug Martin]

Doug Martin [https://community.jboss.org/people/doug.j.martin] created the discussion

"JBoss AS 7.1.x: org.jboss.security.ignoreHttpsHost"

To view the discussion, visit: https://community.jboss.org/message/753703#753703

--------------------------------------------------------------
I'm attempting to secure a web service using TSL/SSL over HTTPS with +JBoss AS 7.1.1.Final.+ When I run a client against the test web service I get the following exception:

Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate.  To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1339)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1414)
    ... 12 more

I've seen where in versions up to AS 5 where you can set the 'org.jboss.security.ignoreHttpsHost' environment variable during development to disable this check, but it doesn't appear to work for AS 7.

Is this still applicable? Is there a better way or other work arounds to accomplish the same behavior?

Thanks in advance,

Doug
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/753703#753703]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120814/b23f7ae6/attachment.html