Did that not work?
-Dcom.naryx.cfm.http.X509HostnameVerifier=yourname.domain.com
On 12/09/2013 21:46, galvanash wrote:
So another developer team at my company is developing a REST web
service in .NET and we need to do testing with it in OpenBD. Having
played with it in a browser I am fairly certain using it from OpenBD
will be trivial, but we have a problem when it comes to actually
testing it...
The test server is setup using a self-signed certificate. No problem I
figured, been there, done that. I added the cert to our keystore
thinking that would take care of everything - nope... Turns out the
certificate is setup for a different hostname (from another site on
that box), but we can't use that hostname because they are using host
headers to direct the traffic to the test web service. They can't or
won't change it - they don't understand the issue since they can deal
with it just fine on their end (ugghhhh)...
So long story short, I started digging into how to get OpenBD/Java to
ignore hostname mismatches. I came across this in the source code for
OpenBD (cfHttpConnection.java)
if(System
<http://java.sun.com/j2se/1.5.0/docs/api/java/lang/System.html>.getProperty("com.naryx.cfm.http.X509HostnameVerifier")!=
null){
String
<http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html> hostnameVerifier
= System
<http://java.sun.com/j2se/1.5.0/docs/api/java/lang/System.html>.getProperty("com.naryx.cfm.http.X509HostnameVerifier");
cfEngine.log("-] Using alternative CFHTTP hostname verifier: " +
hostnameVerifier );
hostVerifier = ( X509HostnameVerifier )Class
<http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Class.html>.forName( hostnameVerifier
).newInstance();
}
I never saw this feature before and I can't find documentation for it
anywhere. My question I guess is does anyone know how to get this to
work? I tried creating a class implementing X509HostnameVerifier and I
put the class file for it in /WEB-INF/classes - then I set the
com.naryx.cfm.http.X509HostnameVerfier property to the name of the
class in my server startup - but it doesn't seem to do anything at all.
Is this worth bothering with? Is there another way to get CFHTTP to
ignore hostname mismatches? I have already been done the road of
trying to implement a java agent to set the default hostnameverfifier,
but that doesn't seem to work either...
galvanash
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en
---
You received this message because you are subscribed to the Google Groups "Open BlueDragon" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
