sabato 17 marzo 2012

Web service invocation - default HostName verifier Error

When calling https based web service - some client implementation may launch an exception due invalid server certificate.
Infact according TLS specs client should verify that the  DN  in server certificate should match with and hostname present in web service url invocation.
For example if client calls a web service at https://myserver/mywebservice?wsdk then  my server certificate should present  DN=myserver.
If not client should launch an exception due invalid certificate.

To avoid this problem (if can't modify server certificate) you can skip that check on client side simply adding that piece of code:    

            System.getProperties().setProperty( "java.protocol.handler.pkgs", "" );
      hv = new {
                   public boolean verify(String arg0, SSLSession arg1) {return true;}
      hv );

Nessun commento:

Posta un commento