On Wed, Mar 30, 2005 at 12:40:34AM -0600, Sasisekar S Sundaram wrote: : Few browsers (like Mozilla) are giving a warning message ==> " Security Error: : Doamin Name Mismatch" with https. : [snip] : It is important for me to over ride this Warning : message in our production environment. I read somewhere that I can override : the HostnameVerifier interface and achieve the solution. Can some one guide me : about how to modify it and integrate with Tomcat. I appreciate your time.
The SSL cert warning comes from the browser side, not the server side. (SSL-enabled clients get a copy of the server cert during the handshake, and can run any sort of tests against it.) So you'd have to modify the source of the client browser, not Tomcat. If one could override this behavior at the server side, that would defeat that whole "verification" feature of SSL. =) Someone else suggested you do a redirect to the host for which the cert is named. You can do this as long as the redirect happen in cleartext mode. Again, since the SSL cert exchange happens during the handshake -- before the server gets a chance to respond with a 30x redirect message -- you can't do this if the client first connects to the SSL-enabled port. -QM -- software -- http://www.brandxdev.net/ tech news -- http://www.RoarNetworX.com/ code scan -- http://www.JxRef.org/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
