javax.net.ssl.SSLPeerUnverifiedException

tcoufal · ‎Jul 22, 2019

Hi There,

we are facing lot of problems when upgrading from 7.3.8 to 8.4.3.

One of which is a problem with making requests from ThingWorx to Apache servers with LoadText()

This Issue has been raised before and it is marked as Solved. I think it is not solved, because option "ignoreSSLErrors" has to prevent service to fail.

Apache servers are using self signed certs and we cannot change them.

We need to solve this by ignoring all SSL problems with response handling.

Needless to say this is a PROD environment for a very big customer of ours and PTCs.

Constantine · ‎Jul 22, 2019

Hello,

Just in case you don't get any better answer -- an important deployment like "large customer in PROD" probably deserves a proper solution for this issue, which is adding this self-signed certificate to your client's keystore.

But you'll also need to check that the server-side settings are OK -- certificate not expired, Apache doesn't use some legacy SSL version to handshake, etc. It certainly won't be easy (at least the first time), but FWIW ignoring SSL errors like these is pretty much equivalent to using plain HTTP.

/ Constantine

tcoufal · ‎Jul 22, 2019

External webservers are not our solution. We dont have access to them. (and we are talking about 200+ apache web servers). Server settings are just fine except CN does not match hostname (also host name can change).

Also plain HTTP does not solve data integrity issues, SSL does.