I'm attempting to secure a web service using TSL/SSL over HTTPS with JBoss AS 7.1.1.Final. When I run a client against the test web service I get the following exception:
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1339)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1414)
... 12 more
I've seen where in versions up to AS 5 where you can set the 'org.jboss.security.ignoreHttpsHost' environment variable during development to disable this check, but it doesn't appear to work for AS 7.
Is this still applicable? Is there a better way or other work arounds to accomplish the same behavior?
Thanks in advance,
Doug
One possilbe, if not odvious, workaround is to create a new certificate for testing only that uses 'localhost' for the CN. Please let me know if this is the recommended method or if there is something more eloquent.