Authentication Issues when "com.glide.communications.httpclient.verify_hostname" is TRUE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-30-2024 01:02 PM
Hi everyone,
Our team recently updated one of our system properties for “com.glide.communications.httpclient.verify_hostname” - updating it to true to comply with ServiceNow standards.
We noticed this led to major authentication issues while testing in our lower environments.
Specifically meaning certificate issues with the LDAP server that displays the following error message, “Could not find a valid certificate”.
After setting the property back to false, authentication started working as expected.
Did anyone run into this problem, if so, what were your workarounds?
In the documentation we noticed this property does override “com.glide.communications.trustmanager_trust_all”, could this be the root cause?”
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-30-2024 07:01 PM
Hello,
I encountered a similar issue during a Government implementation, not specifically with LDAP but with the property enforcing certificate checks.
The behavior you're experiencing aligns with the com.glide.communications.httpclient.verify_hostname property, which enforces stricter certificate validation for outbound HTTPS calls. When set to true, ServiceNow ensures that the hostname in the SSL certificate matches the hostname being connected to.
We resolved the issue by updating the certificate to the latest version with the correct hostname.
Disabling this property (com.glide.communications.httpclient.verify_hostname) effectively turns off certificate verification instance-wide, which is not an ideal solution from a security standpoint. In our situation, the third party eventually resolved their certificate issue, allowing us to re-enable the property and maintain security compliance.
Hope this helps.
