Certificate name != hostname -> does not throw exception!?

Hi all,

When a certificate's subject name != hostname, a hostname not match exception should be thrown.

But this is not so in my case, could someone provide me some hint?

I am suspecting if it's got something to do with that I am using a truststore or security policy...

The configuration is:

Server -

Certificate.cert (signed by my own CA, subject name=some computer name)

TrustStore.cert (my own CA certificate)

Policy file (which grants all security permissions)

Client -

Certificate.cert (signed by my own CA, subject name=some computer name)

TrustStore.cert (my own CA certificate)

Sever requires client side authentication, so client has a certificate too.

Runtime parameters:

-Djava.security.policy="policy"

-Djavax.net.ssl.keyStore=Certificate.cert

-Djavax.net.ssl.keyStorePassword=password

-Djavax.net.ssl.trustStore=TrustStore.cert

Regards,

Eddie

[988 byte] By [eddiecjchianga] at [2007-11-27 8:23:36]

«« How to use makefile utility in Solaris
»» GridBagLayout

# 1

> When a certificate's subject name != hostname, a> hostname not match exception should be thrown.If you are using HTTPS. Not in general, as many contexts in which a certificate is used don't have a hostname to check against.

ejpa at 2007-7-12 20:12:29 >

top of Java-index,Security,Java Secure Socket Extension (JSSE)...

# 2

I see.Thank you.

eddiecjchianga at 2007-7-12 20:12:29 >

Security

Java Secure Socket Extension (JSSE)

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Certificate name != hostname -> does not throw exception!?

Security Hot Topic

Security

All Classified