tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "joelsherriff" <joelsherr...@comcast.net>
Subject why is hostnameverifier() necessary?
Date Fri, 03 Jun 2005 16:45:35 GMT
This is an SSL HostnameVerifier() question.  I _believe_ I have my client and server certificates
configured properly and, up to now, I have been accessing my server via ip address and using
the ip address as the CN in the server cert.  So I assumed that the problems I was having
on the client side when connecting to the server, which required using a HostnameVerifier(),
were due to "the default rules for URL hostname verification" failing, whatever they are,
quoted from the javax.net.ssl.HostnameVerifier doc.  I assumed it was failing because I was
connecting using the IP address and that that, for whatever reason, didn't pass the "default
rules".

But...now I've modified my server cert to contain the correct domain name, the same domain
name I'm connecting to, and I'm still getting an "HTTPS hostname wrong:  should be <...>"
error.  If I use a hostname verifier callback in order to make it work, it tells me that the
hostname it's looking for and the hostname in the cert are exactly the same!  So why is my
hostnameverifier necessary?

Hope someone can shine a light on this...

Thanks

JS
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message