Javier's Blog

Mostly computers and other tech stuff,...

Saturday, December 19, 2009

Accepting certificates for OpenJMS HTTPS tunnel

OpenJMS HTTPS tunnel can be a bit tough to setup because Java by default validates SSL certificates and of course the errors you get from OpenJMS are really not that helpful. E.g., "java.io.IOException: HTTPS hostname wrong: should be."

During development often self signed certificates are used, which Java will fail to validate. This can be bypassed with a few lines of code, it will force Java not to check the validity of a certificate:

com.sun.net.ssl.HostnameVerifier hv=new com.sun.net.ssl.HostnameVerifier() {
public boolean verify(String urlHostname, String certHostname) {
logger.warn("Hostname: "+urlHostname
+" does not match certificate: "+certHostname);
return true;

Useful Links:

Error I was getting: java.io.IOException: HTTPS hostname wrong: should be

How to import a certificate from file in Java using keytool

Error I was getting: HTTPS hostname wrong

How to create certificates:

Another SSL HOWTO:

Tuesday, December 08, 2009

OS X Global Variables

Yes, even if /etc/launchd.conf does not exist:

cat >> /etc/launchd.conf
setenv JAVA_HOME /System/Library/Frameworks/JavaVM.framework/Home