1 Reply Latest reply on Aug 15, 2012 5:07 PM by doug.j.martin

    JBoss AS 7.1.x: org.jboss.security.ignoreHttpsHost

    doug.j.martin

      I'm attempting to secure a web service using TSL/SSL over HTTPS with JBoss AS 7.1.1.Final. When I run a client against the test web service I get the following exception:

       

      Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate.  To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.

          at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1339)

          at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)

          at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)

          at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1414)

          ... 12 more

       

      I've seen where in versions up to AS 5 where you can set the 'org.jboss.security.ignoreHttpsHost' environment variable during development to disable this check, but it doesn't appear to work for AS 7.

       

      Is this still applicable? Is there a better way or other work arounds to accomplish the same behavior?

       

      Thanks in advance,

       

      Doug