Hi everyone,
I recently found this warning in one of our gateways: "Bypassing certificate validation and hostname verification is highly insecure and should only be used for testing purposes" and haven't been able to figure out what is going on, hopefully someone here can give me a hand.
Thank you in advance for any help!
It means you have one or more scripts using the system.net.httpClient or system.net.http* calls with the "bypass certificate validation" flag enabled.
It looks like these warnings are set up so they are only logged at WARN level at most once per minute, then on DEBUG for any intermediate instances.
Hi,
If you are using the Linux server, this was the solution for this Bypassing certificate validation issue.
Step1: Move that API SSL certificate on Server as .crt format.
Step 2: Run the below command.
/usr/local/bin/ignition/lib/runtime/jre-nix/bin/keytool
-import -trustcacerts
-alias DNS-cert
-file /home/user1/Downloads/DNS.crt
-keystore /usr/local/bin/ignition/lib/runtime/jre-nix/lib/security/cacerts
-storepass changeit
Note:
Step 3: Enter yes, For the trust certificate.
Step 4: Restart the Ignition service.