I am getting this exception even though I am disabling hostname verification
Caused by: java.io.IOException: The https URL hostname does not match the
Common Name (CN) on the server certificate in the client's truststore. Make
sure server certificate is correct, or to disable this check (NOT
recommended for production) set the CXF client TLS configuration property
"disableCNCheck" to true.
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1236)
at
org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1295)
cxf version:2.7.4
jdk:1.7
I am disabling CN check by setting the TLSCLientParameters.
HTTPConduit httpConduit = (HTTPConduit)
ClientProxy.getClient(port).getConduit();
TLSClientParameters tlsCP = new TLSClientParameters();
tlsCP.setDisableCNCheck(true);
tlsCP.setUseHttpsURLConnectionDefaultHostnameVerifier(false);
tlsCP.setUseHttpsURLConnectionDefaultSslSocketFactory(false);
httpConduit.setTlsClientParameters(tlsCP);
httpConduit.setTrustDecider(null);
--
View this message in context:
http://cxf.547215.n5.nabble.com/DisableCNCheck-is-not-working-tp5749897.html
Sent from the cxf-user mailing list archive at Nabble.com.
