webMethods API Gateway Q&A - Disabling of hostname verification for SSL certificates

Community-admin · February 27, 2024, 10:57am

Detailed explanation of the problem:

When the HTTPS endpoints of API Gateway are invoked with a self-signed certificate, then the Developer Portal displays the SSL exception message.

Error messages / full error message screenshot / log file:

Exception: Caused by: [javax.net](http://javax.net/).ssl.SSLPeerUnverifiedException: Certificate for <IP ADDRESS> doesn't match any of the subject alternative names

Community-admin · February 27, 2024, 10:57am

Solved in webMethods Developer Portal 10.11 Fix 9. Below is the fix read me for user reference –
DPO-890 –

Disabling of hostname verification for SSL certificates. When the HTTPS endpoints of API Gateway are invoked with a self-signed certificate, the Developer Portal displays the SSL exception message.

This issue is resolved. The hostname verification is disabled by default using the new setting ‘disable-host-name-verifier’ added to the application-dev.yml file.

The default value of this setting is ‘true’.

Topic		Replies	Views
webMethods.io API Gateway: Securing APIs using SSL Certificate Knowledge base webMethods , API-Management , API-Gateway	0	2889	July 27, 2020
webMethods.io API - Identify & Authorize Application using SSL Certificate webMethods , API-Management , API-Gateway	2	2077	April 2, 2021
Sending HTTPS without a CA Certificate webMethods , Integration-Server-and-ESB , webmethods-Protocol-and-Transport	10	8978	April 2, 2021
How to Ignore self signed certificate webMethods , API-Management , SOA	5	2665	April 2, 2021
Certificate based authentication webMethods , API-Management , API-Gateway	2	1017	April 2, 2021

webMethods API Gateway Q&A - Disabling of hostname verification for SSL certificates

Detailed explanation of the problem:

Error messages / full error message screenshot / log file:

Related topics