Discussion:
Disable Hostname Verification for SSL
(too old to reply)
vikash
2021-01-28 08:14:04 UTC
Permalink
Hello,

Is there any setting to turn off hostname verification within TDI?

we are getting the following exception when trying to post to ISIM via JNDI connector. The certificate DN is having Loadbalancer name in subject DN and we don't have individual host name included in SAN, so how to fix this without updating the itim certificate?

"CTGDIS495I handleException , update, com.ibm.dsml2.jndi.DSML2NamingException: java.security.cert.CertificateException: No subject alternative DNS name matching 'host' found."
Jens Thomassen
2021-01-28 13:10:03 UTC
Permalink
You could try to add this line to solution.properties:
com.sun.jndi.ldap.object.disableEndpointIdentification=true

It may work, depending on which JVM you are using with TDI.
Note that there are security issues with doing this, there is a reason why the hostname in the certificate should be veried.
Loading...