Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-dev] [jetty-users] How to disable hostname validation on jetty embedded server 9.x version

Hostname verification of the types you are asking about is a client side verification of the server certificate.

The server doesn't do anything more then give that server certificate to the client and the client verifies it.

You either fix this issue on the client side to not pay attention to the certificate hostname, or change the certificate on the server side to give the client the right hostname.

Joakim Erdfelt / joakim@xxxxxxxxxxx

On Wed, May 16, 2018 at 5:47 AM, Luis Morales Alcala <lmoralesa@xxxxxxxxxxxxxxxxxx> wrote:

Hi Joakim

I have read a lot about this and on version 9.x the hostname verification is enabled by default in the server.

I need to disable this verification in the server but the method  setEndpointIdentificationAlgorithm is not working well.


SslContextFactory.setEndpointIdentificationAlgorithm(null);




De: jetty-users-bounces@eclipse.org <jetty-users-bounces@eclipse.org> en nombre de Joakim Erdfelt <joakim@xxxxxxxxxxx>
Enviado: miércoles, 16 de mayo de 2018 12:44
Para: Jetty @ Eclipse developer discussion list
Cc: jetty-users@xxxxxxxxxxx
Asunto: Re: [jetty-users] [jetty-dev] How to disable hostname validation on jetty embedded server 9.x version
 
Server doesn't do that, the client does.

Joakim Erdfelt / joakim@xxxxxxxxxxx

On Wed, May 16, 2018 at 5:43 AM, Luis Morales Alcala <lmoralesa@xxxxxxxxxxxxxxxxxx> wrote:


Dear All,

Can someone help me with this problem?

















De: Luis Morales Alcala
Enviado: miércoles, 9 de mayo de 2018 16:38
Para: jetty-users@xxxxxxxxxxx; jetty-dev@xxxxxxxxxxx
Asunto: How to disable hostname validation on jetty embedded server 9.x version
 

Dear all
Currently I have a Verison 9.3.x Embedded Jetty server working perfectly offering websockets communications through port 8080 and through 8443 for secure communications.
I need to disable the validation of the hostname as well as the certificates but I can not disable it.

I am using the method setTrustAll and setEndpointIdentificationAlgorithm(null) but the hostname verification is still activated.
sslContextFactory.setTrustAll(true);
sslContextFactory.setEndpointIdentificationAlgorithm(null);
How can avoid it?

Best regards


_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev


_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev


Back to the top