API Gateway - Could not verify hostname
search cancel

API Gateway - Could not verify hostname

book

Article ID: 197668

calendar_today

Updated On: 10-26-2023

Products

CA API Gateway

Issue/Introduction

I am configuring the "Send Email" assertion with an office 365 smtp. But when doing a test it gives me a problem that does not recognize the hostname.

The following error is displayed in the log:
2020-08-02T12:47:44.451-0300 WARNING 632 com.l7tech.server.transport.http.SslClientHostnameVerifier: Could not verify hostname 'smtp.Office365HostName.com'.

Environment

Component : API GATEWAY

Cause

Hostname can not be verified on a trusted certificate.

Resolution

To prevent this add the com.l7tech.server.policy.emailalert.useDefaultSsl system property to bypasses the additional renegotiation.

 

1. Connect to the Gateway and edit: /opt/SecureSpan/Gateway/node/default/etc/conf/system.properties

2. Add this property com.l7tech.server.policy.emailalert.useDefaultSsl=TRUE

3. Save the file and restart the gateway.

4. The office365 root certificate should be added to the gateway trust store( Policy manager-> Manage Certificates) with the proper hostname.

5. The certificate has the "Use" option and "Outbound SSL" selected in the Certificate Properties, under the Options

5. In Email alert properties select protocol as “SMTP with STARTTLS” port 25/587.

7. Select Server Required Authentication checkbox.

8. The domain name must be provided for all user names and email ids(Ex: xyz@example.com).

9. Adding proper email ids it should send email normally.

Additional Information

For more information see our Documentation on Verifying Hostnames for Outbound SSL Connections.