tSetKeyStore / tRestClient and setting disableCNCheck

Anonymous — Thu, 01 Oct 2015 20:51:20 GMT

Hello,
Any ideas on how to override the certificate check in the tRestClient component?
I ran into a case recently where in a non-production environment, a vendor's staging environment is using a HTTPS Certificate which is for a dev environment. The end result is that the SSL Handshake failed because the FQDN doesn't match the certificate.
I'm using TOS 6.0 and currently running the job on my local development station.The error message indicates that CSF Client TLS Config property "disableDNCheck" should be set to true. I am specifying a keystore which does have the certificate in it.
How do you set this propery in TOS, such that it picks it up? I've tried setting this in the Job's run tab, Advanced settings (below) without any effect.
JVM args that didn't help
-Djsse.enableSNIExtension=false
-DsetDisableCNCheck=true
-DdisableCNCheck=true
-Ddisable-https-hostname-verification=true
---
Error
Exception in component tRESTClient_1javax.ws.rs.ProcessingException: java.io.IOException: IOException invoking : The https URL hostname does not match the Common Name (CN) on the server certificate in the client's truststore. Make sure server certificate is correct, or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.

Re: tSetKeyStore / tRestClient and setting disableCNCheck

Anonymous — Tue, 27 Oct 2015 13:28:52 GMT

Hi
It does not support HTTPS certificate right now, our developers already know this issue, and it has been reported in our bugtracker. see:
https://jira.talendforge.org/browse/TESB-13391
Best regards
Shong

topic Re: tSetKeyStore / tRestClient and setting disableCNCheck in Talend Studio

tSetKeyStore / tRestClient and setting disableCNCheck

Re: tSetKeyStore / tRestClient and setting disableCNCheck