Hi, We use Apache CXF as a webservice client (Wsdl2java) and I am trying to understand the HTTPClientPolicy setHost usage for HTTPS communication. We have DNS mappings locally done in the hosts file and dont want hosts file misconfiguration to affect the application. For this reason we have used setHost and make an https call using one-way SSL(Client doesn't send any certs). The X509 cert at the webservice endpoint has the CN with its hostname.
The call to service fails saying that the CNCheck should be disabled at the client. I am assuming that the connection made through HTTPConduit doesn't use the HOST setting and the HTTPUrlConnection opened always connects by the IP mentioned in the BindingProvider configuration. http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?view=markup As prepare method call suggests cxf doesn't use the host setting to open the connection. Is there any chance to consider this requirement or has another workaround? Thanks, Naresh -- View this message in context: http://cxf.547215.n5.nabble.com/HttpClientPolicy-setHost-and-disableCNCheck-tp4840875p4840875.html Sent from the cxf-user mailing list archive at Nabble.com.
