how to disable CN checking for CXF 3.0.0+ jax-rs 2.0 client

Question

I don't know how to programmatically disable CN checking with CXF 3.0.4 JAX-RS 2.0 client. My code is as follows:

     System.setProperty("jsse.enableSNIExtension", "false"); 
        HttpsURLConnection.setDefaultHostnameVerifier( 
        new HostnameVerifier(){ 

            public boolean verify(String hostname, 
                    SSLSession sslSession) { 

                    return true; 
            
            } 
        }); 
            Client client = ClientBuilderImpl.newClient(); 
            String urlHost = "https://" + centralNode; 
            WebTarget target = client.target(urlHost).path(BASE_SERVICE_URL); 
            String encodedpw = Base64.encodeBase64String(passwd.getBytes()); 
            String body = "{\"uid\" : \"" + uid + "\",\"password\": \"" + encodedpw + "\"}"; 
            Response res = target.request(MediaType.APPLICATION_JSON).post(Entity.entity(body, MediaType.APPLICATION_JSON)); 

As you can see, I already tried to override the default hostnameverifier, and set jsse.enableSNIExtension to false. None of these worked, i am still getting the exception:

"The https URL hostname does not match the Common Name (CN) on the server certificate in the client's truststore. Make sure server certificate is correct, or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true."

Please help!

Answer 1

You are looking for this code snippet;

       HTTPConduit httpConduit=(HTTPConduit)ClientProxy.getClient(SAMPLE_PORT).getConduit();
       TLSClientParameters tlsCP = new TLSClientParameters();
       tlsCP.setDisableCNCheck(true);
       httpConduit.setTlsClientParameters(tlsCP);

Always use this code in test environment.!