Verify certificate chain and hostname [New in Security Center 1.3 and updated in 2.0]

リリースバージョン: Australia

更新日 2026年03月12日

所要時間：2分

Configure the com.glide.communications.httpclient.verify_hostname property to prevent man-in-the-middle-attacks by ensuring that the certification verification process is executed.

When the Glide Property com.glide.communications.httpclient.verify_hostname is not set to the secure value of true, the hostname and certificate chain presented by remote hosts during a TLS connection initiated from the ServiceNow instance are not validated. This could compromise the security of the TLS connection and allow person-in-the-middle attacks, where communications between two parties are intercepted. This may lead to sensitive data disclosure.

More information


Attribute	Description
Configuration name	com.glide.communications.httpclient.verify_hostname
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	false
Category	Communications
Security risk	Severity score: High CVSS score: 7.4 Security risk details: Not setting com.glide.communications.httpclient.verify_hostname to the recommended value of true could make your instance vulnerable to man-in-the-middle-attacks.
Dependencies and prerequisites	None
Functional impact	Verifies hostname and certificate chain presented by remote secure socket layer (SSL) hosts. Set this property to true to secure against Man-in-the-middle (MITM) attacks. 注: This property overrides the com.glide.communications.trustmanager_trust_all, property.