I know there were a lot of questions/answers about how to ignore SSL error in the code.
On our dev region dev.domain.tld
we have configured a app server over SSL.
The certificate that is displayed is for somedev.domain.tld
.
There is no way to change the certificate, it will always be a domain mismatch.
So when I deploy a web-service to https://dev.domain.tld
and try to connect/call my webservice I get an exception:
Caused by: java.security.cert.CertificateException: No name matching dev.domain.tld found
And I have the somedev.domain.tld
CERT in my trust store.
Now, I saw a lot of samples how to change that in the code (using a Trust Manager that accepts all domains), but how do I specify to the JVM to ignore the domain mismatch when connecting to the server? Is there a -Djavax.net.ssl
argument or something?
Thank you!
UPDATE:
Or, since I am using Spring-WS, is there a way to set some property in Spring for that? (WebServiceTemplate)
UPDATE
I guess I'll have to do use something from Spring Security: http://static.springsource.org/spring-ws/sites/1.5/reference/html/security.html
This works for me in a client application of mine, perhaps this will also work for you if you are (or Spring is internally) using HttpsURLConnection anywhere.
Its hardly SSL best practice though. The best solution would be to use a certificate that matches the hostname.