You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2008/10/07 09:30:53 UTC
[jira] Updated: (SM-1308) CxfBcProviderSecurityTest test failed
[ https://issues.apache.org/activemq/browse/SM-1308?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Guillaume Nodet updated SM-1308:
--------------------------------
Fix Version/s: servicemix-cxf-bc-2008.01
> CxfBcProviderSecurityTest test failed
> -------------------------------------
>
> Key: SM-1308
> URL: https://issues.apache.org/activemq/browse/SM-1308
> Project: ServiceMix
> Issue Type: Test
> Components: servicemix-cxf-bc
> Reporter: Freeman Fang
> Assignee: Freeman Fang
> Fix For: 3.2.2, 3.3, servicemix-cxf-bc-2008.01
>
>
> this test failed caused by recent change in cxf
> we need add disableCNCheck="true" to tlsClientParameters to allow to use localhost during test
> paste the related comment from cxf wiki
> "The TLSClientParameters are listed here and here. A new feature starting in CXF 2.0.5 is the disableCNcheck attribute for this element. It defaults to false, indicating that the hostname given in the HTTPS URL will be checked against the service's Common Name (CN) given in its certificate during SOAP client requests, and failing if there is a mismatch. If set to true (not recommended for production use), such checks will be bypassed. That will allow you, for example, to use a URL such as localhost during development."
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Updated: (SM-1308) CxfBcProviderSecurityTest test failed
Posted by Naresh <it...@gmail.com>.
Guillaume Nodet (JIRA <ji...@...> writes:
>
>
> [
> https://issues.apache.org/activemq/browse/SM-1308?
page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>
> Guillaume Nodet updated SM-1308:
> --------------------------------
>
> Fix Version/s: servicemix-cxf-bc-2008.01
>
> > CxfBcProviderSecurityTest test failed
> > -------------------------------------
> >
> > Key: SM-1308
> > URL: https://issues.apache.org/activemq/browse/SM-1308
> > Project: ServiceMix
> > Issue Type: Test
> > Components: servicemix-cxf-bc
> > Reporter: Freeman Fang
> > Assignee: Freeman Fang
> > Fix For: 3.2.2, 3.3, servicemix-cxf-bc-2008.01
> >
> >
> > this test failed caused by recent change in cxf
> > we need add disableCNCheck="true" to tlsClientParameters to allow to use
localhost during test
> > paste the related comment from cxf wiki
> > "The TLSClientParameters are listed here and here. A new feature starting
in CXF 2.0.5 is the
> disableCNcheck attribute for this element. It defaults to false, indicating
that the hostname given in
> the HTTPS URL will be checked against the service's Common Name (CN) given in
its certificate during SOAP
> client requests, and failing if there is a mismatch. If set to true (not
recommended for production use),
> such checks will be bypassed. That will allow you, for example, to use a URL
such as localhost during development."
>
Hi ,
It is said that adding disableCNCheck="true" to tlsClientParameters is not
recommended in production use .... if that is the case how do we proceed furthr
in bypassing the common name check in production........
what would be the possible options ...