You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Open Liberty performs hostname verification on SSL certificates. If you want to disable the hostname verification functionality, the `verifyHostname` attribute within the `ssl` tag must be initialized to `false`.
In Open Liberty, hostname and IP address verification are enabled by default. This verification is enforced for target servers in all SSL connections by using the Open Liberty socket factories. However, you can specify a list of hostnames, IP addresses, or both to skip verification.
To disable hostname verification entirely, set the `verifyHostname` attribute within the `ssl` tag to `false`.
When hostname verification is enabled (`verifyHostname="true"`), you can specify hostnames or IP addresses to be skipped for verification by using the `skipHostnameVerificationForHosts` attribute within the `ssl` tag.
Additionally, hostname verification for only HTTP connections can be controlled separately by using the `httpHostNameVerification` attribute within the `sslDefault` tag. If `httpHostNameVerification` attribute is set to `true` and `verifyHostname` attribute is set to `false`, hostname verification can still be enforced on HTTP connections, but not on other connections.
