JVM to ignore certificate name mismatch

Posted by Heavy Bytes on Stack Overflow See other posts from Stack Overflow or by Heavy Bytes
Published on 2010-04-20T20:42:52Z Indexed on 2010/04/20 21:03 UTC
Read the original article Hit count: 250

Filed under:
|
|
|

I know there were a lot of questions/answers about how to ignore SSL error in the code.

On our dev region dev.domain.tld we have configured a app server over SSL.

The certificate that is displayed is for somedev.domain.tld.

There is no way to change the certificate, it will always be a domain mismatch.

So when I deploy a web-service to https://dev.domain.tld and try to connect/call my webservice I get an exception:

Caused by: java.security.cert.CertificateException: No name matching dev.domain.tld found

And I have the somedev.domain.tld CERT in my trust store.

Now, I saw a lot of samples how to change that in the code (using a Trust Manager that accepts all domains), but how do I specify to the JVM to ignore the domain mismatch when connecting to the server? Is there a -Djavax.net.ssl argument or something?

Thank you!

UPDATE:

Or, since I am using Spring-WS, is there a way to set some property in Spring for that? (WebServiceTemplate)

UPDATE

I guess I'll have to do use something from Spring Security: http://static.springsource.org/spring-ws/sites/1.5/reference/html/security.html

© Stack Overflow or respective owner

Related posts about java

Related posts about certificate