You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Nathan Bell <nb...@companioncorp.com> on 2002/03/01 23:06:42 UTC

IOException: HTTPS hostname wrong

I receive an "IOException: HTTPS hostname wrong" exception when using a 
self-signed certificate for SSL connections. I know that this should 
happen so to prevent bad people from fooling me, but I need to turn it 
off for testing purposes. I have tryed to cicurmvent this feature using 
HttpsURLConnection.setDefaultHostnameVerifier() to use a class that lets 
every hostname be correct. Tomcat 4.0.1 seems to be ignoring this, and 
using it's own HostnameVerifier instead. I would use 4.0.2 but there are 
problems with it and my servlet getting along.
Is there a different way to get Tomcat to ignore incorrect hostnames? or 
maybe I'm just doing it wrong?
I've included the code snippet that seems to hate me: It seems to work 
perfect for certificates that have the correct hostname.

Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs", 
"com.sun.net.ssl.internal.ssl.protocol");

System.setProperty("javax.net.ssl.keyStore",keyStorePath1);
System.setProperty("javax.net.ssl.keyStorePassword",keyStorePassPhrase1);

if(!checkCertificates)
{
    System.setProperty("javax.net.ssl.trustStore",keyStorePath2);
    
System.setProperty("javax.net.ssl.trustStorePassword",keyStorePassPhrase2);
   
    HttpsURLConnection.setDefaultHostnameVerifier(
        new HostnameVerifier()
        {
            public boolean verify(String urlHostname, String certHostname)
                {
                    return true;
                }
        } );
}

-- 
Nathan Bell
Companion Corporation
Evelyn Manufacturing
www.companioncorp.com
nbell@companioncorp.com

 ><));>



--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>