5 Replies Latest reply on Jul 1, 2015 1:09 PM by Guru Prashanth Thanakodi

    Disable hostname verification in WildFly JAX WS

    Guru Prashanth Thanakodi Newbie



      My application is communicating to a soap service. The host name in the certificate is not a actual host name. So , I need to disable the host name verification during the communication.


      I had written a code to test but it fails exactly with the below stack trace.



      Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN) on the server certificate in the client's truststore.  Make sure server certificate is correct, or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.

        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1271)

        at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:210)

        at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47) [cxf-core-3.0.5.jar:3.0.5]

        at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69) [cxf-core-3.0.5.jar:3.0.5]

        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1321)


      Here is the code I have added in my environment.




      The JAXWSProperties.HOSTNAME_VERIFIER is an implementation specific property. Where can I find JAXWSproperties class in Jboss-jaxws implementation. Looks like the weblogic has one at weblogic.wsee.jaxws.JAXWSProperties.HOSTNAME_VERIFIER (Got to know from this blog: svasanta: Disable host name verification in webservices) Instead of JAXWSProperties, if I  use the HttpsURLconnection.setDefaultHostNameVerifier() then also it throws the same exception.