You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by ramnar <ra...@gmail.com> on 2015/11/03 10:11:02 UTC

Re: javax.net.ssl.SSLException: hostname in certificate didn't match

Hi
Use the http component to allow all hosts like the following
httpcomponent.setX509HostnameVerifier(new AllowAllHostnameVerifier());




--
View this message in context: http://camel.465427.n5.nabble.com/javax-net-ssl-SSLException-hostname-in-certificate-didn-t-match-tp5754018p5773339.html
Sent from the Camel - Users mailing list archive at Nabble.com.

RE: javax.net.ssl.SSLException: hostname in certificate didn't match

Posted by "Siano, Stephan" <st...@sap.com>.
Hi,

However you should NEVER do this with a productive scenario as this setting will allow Man-in-the-middle attacks to your HTTPS communication.

The root cause for the issue is that the hostname in the server certificate does not match the URL you are calling (from the error message I would guess that the certificate contains a hostname and you use an IP address). You should try to use the hostname in the URL, then this issue should go away even when using a proper hostname verifier.

Best regards
Stephan

-----Original Message-----
From: ramnar [mailto:raam.soft@gmail.com] 
Sent: Dienstag, 3. November 2015 10:11
To: users@camel.apache.org
Subject: Re: javax.net.ssl.SSLException: hostname in certificate didn't match

Hi
Use the http component to allow all hosts like the following
httpcomponent.setX509HostnameVerifier(new AllowAllHostnameVerifier());




--
View this message in context: http://camel.465427.n5.nabble.com/javax-net-ssl-SSLException-hostname-in-certificate-didn-t-match-tp5754018p5773339.html
Sent from the Camel - Users mailing list archive at Nabble.com.