So another developer team at my company is developing a REST web service in 
.NET and we need to do testing with it in OpenBD. Having played with it in 
a browser I am fairly certain using it from OpenBD will be trivial, but we 
have a problem when it comes to actually testing it...

The test server is set up using a self-signed certificate. No problem I 
figured, been there, done that. I added the cert to our keystore thinking 
that would take care of everything - nope... Turns out the certificate is 
set up for a different hostname (from another site on that box), but we 
can't use that hostname because they are using host headers to direct the 
traffic to the test web service. They can't or won't change it - they don't 
understand the issue since they can deal with it just fine on their end 
(ugghhhh)...

So long story short, I started digging into how to get OpenBD/Java to 
ignore hostname mismatches. I came across this in the source code for 
OpenBD (cfHttpConnection.java)

if ( System.getProperty( "com.naryx.cfm.http.X509HostnameVerifier" ) != null ) {
  String hostnameVerifier = System.getProperty( "com.naryx.cfm.http.X509HostnameVerifier" );
  cfEngine.log( "-] Using alternative CFHTTP hostname verifier: " + hostnameVerifier );
  hostVerifier = ( X509HostnameVerifier )Class.forName( hostnameVerifier ).newInstance();
}

I never saw this feature before and I can't find documentation for it 
anywhere. My question I guess is does anyone know how to get this to work? 
I tried creating a class implementing X509HostnameVerifier and I put the 
class file for it in /WEB-INF/classes - then I set the 
com.naryx.cfm.http.X509HostnameVerfier property to the name of the class in 
my server startup - but it doesn't seem to do anything at all.

Is this worth bothering with? Is there another way to get CFHTTP to ignore 
hostname mismatches? I have already been down the road of trying to 
implement a java agent to set the default hostname verifier, but that 
doesn't seem to work either...

galvanash 
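
Added example, not part of the original post and not OpenBD code: a verifier that could be named in the property quoted above, which keeps hostname checking on and only maps the one test host to the name in its certificate instead of accepting every mismatch. It assumes X509HostnameVerifier is Apache HttpClient 4.x's org.apache.http.conn.ssl.X509HostnameVerifier; the class name and both host names are hypothetical placeholders.

```java
import java.io.IOException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.http.conn.ssl.StrictHostnameVerifier;
import org.apache.http.conn.ssl.X509HostnameVerifier;

// Hypothetical class name; assumes the Apache HttpClient 4.x interface.
public class TestHostAliasVerifier implements X509HostnameVerifier {
    // Placeholder: the host name the client actually connects to.
    private static final String REQUESTED_HOST = "testservice.example.internal";
    // Placeholder: the host name the self-signed certificate was issued for.
    private static final String CERT_HOST = "othersite.example.internal";

    // All real checking is delegated to HttpClient's strict verifier.
    private final X509HostnameVerifier strict = new StrictHostnameVerifier();

    // Public no-arg constructor, required because the quoted code
    // instantiates the class with Class.forName(...).newInstance().
    public TestHostAliasVerifier() {}

    // Only the single known test host is rewritten; every other host
    // is verified against its own name, exactly as before.
    static String expectedName(String host) {
        return REQUESTED_HOST.equalsIgnoreCase(host) ? CERT_HOST : host;
    }

    @Override
    public void verify(String host, SSLSocket ssl) throws IOException {
        strict.verify(expectedName(host), ssl);
    }

    @Override
    public void verify(String host, X509Certificate cert) throws SSLException {
        strict.verify(expectedName(host), cert);
    }

    @Override
    public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException {
        strict.verify(expectedName(host), cns, subjectAlts);
    }

    @Override
    public boolean verify(String host, SSLSession session) {
        return strict.verify(expectedName(host), session);
    }
}
```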

